[img]http://www.blogcdn.com/www.engadget.com/media/2011/01/android2.3gingerbread-bug2011.jpg
[/img]
A researcher at North Carolina State University is warning of an
Android 2.3 security vulnerability that gives attackers access to your
personal information, further proof that Gingerbread isn't all sugar
and spice (to be fair, that SMS issue has since been remedied).
According to Xuxian Jiang, the bug allows malicious websites to access
and upload the contents of a user's microSD card, including
voicemails, photos, and online banking information to a remote server.
The flaw apparently resembles a similar bug in previous version of
Android, thought to have been addressed with Gingerbread. However, as
Jiang points out, that fix is easily bypassed. Apart from removing the
microSD card, disabling JavaScript, or switching to a third-party
browser, Android 2.3 users have little recourse in squashing the bug.
The folks at eWeek reported that Google is working on a solution to
the problem, but there's no word on when we can expect to see an update.
No comments:
Post a Comment