Dangerous Exploit found in Chrome for Android
|
|
A rather critical Exploit has been uncovered in Google's own 'Chrome for Android' app which allows malicious programs to be installed without user intervention.
|
|
A security researcher by the name of Guang Gong has demonstrated an exploit which allows the user to take over almost any android device, and with Android's market share, that is a great deal of users at risk. The vulnerability is in the most recent versions of chrome, which works on most Android phones.
Guang Gong demonstrated this exploit by taking control of a Nexus 6 and installing an app, without any user involvement. The exploit targets the JavaScript Engine in the chrome app and could be tweaked to effect all variants of android.
“As soon as the phone accessed the website the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a BMX Bike game) without any user interaction to demonstrate complete control of the phone.”
Until the exploit is fixed, I would recommend un installing chrome and using an alternate browser. Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
