Android browser vulnerability
Specialists from Independent Security Evaluators have reported a security vulnerability in the Android operating system and its browser. The exploitation of the vulnerability opens up a way for hackers to crack the operating system and retrieve user data.
The Independent Security Evaluators website states that the essence of the vulnerability has not yet been reported, since Google has been given time to fix it. The vulnerability is known only in passing, in particular, researchers say that hackers can create a malicious website that, using JavaScript codes, will steal any information from the browser’s cache (logins, passwords, saved data), as well as from many applications that are tied to browser. As a result of exploiting vulnerabilities, malicious financial, business and personal data may be in the hands of intruders.
At the same time, the researchers say that the Android security architecture in the case of the found bug works and the attackers will not be able to go outside the browser and use, for example, the smartphone’s dialing system.
Google confirmed that they received all the information about the problem and are working to resolve it. “We are working with T-Mobile to enable a browser patch. Soon it will be available for download to all smartphone users. Security and privacy of our users is the main task of the Android Open Source Project. We are confident that this message will not have a significant impact on the sales of G1 ″, - said a company representative.
via Android Blog
The Independent Security Evaluators website states that the essence of the vulnerability has not yet been reported, since Google has been given time to fix it. The vulnerability is known only in passing, in particular, researchers say that hackers can create a malicious website that, using JavaScript codes, will steal any information from the browser’s cache (logins, passwords, saved data), as well as from many applications that are tied to browser. As a result of exploiting vulnerabilities, malicious financial, business and personal data may be in the hands of intruders.
At the same time, the researchers say that the Android security architecture in the case of the found bug works and the attackers will not be able to go outside the browser and use, for example, the smartphone’s dialing system.
Google confirmed that they received all the information about the problem and are working to resolve it. “We are working with T-Mobile to enable a browser patch. Soon it will be available for download to all smartphone users. Security and privacy of our users is the main task of the Android Open Source Project. We are confident that this message will not have a significant impact on the sales of G1 ″, - said a company representative.
via Android Blog
')
Source: https://habr.com/ru/post/43453/
All Articles