A security flaw in Android makes 75 percent of devices vulnerable to hackers.
OnePlus TV 32Y1 - Smarter TV
Android TV with superior craftsmanship and elegant design - Buy Now
Click here to know moreAdvertisements
Security experts have discovered a new flaw in Android browser that allows attackers to run scripts that can read the contents of any open tab and harvest private data. The security flaw affects Android devices running any version prior to 4.4.
The flaw was first reported by ethical hacker and blogger Rafay Baloch, who has tested it on a variety of devices, since then his findings have further been confirmed by others in the security industry. According to Google's own analytics, this affects at least 75 percent of all Android users as very large proportion of new phones also ship with Android 4.3 or lower.
According to reports the problem relates the Single-Origin Policy, which can be bypassed for the Android browser by deliberately feeding it a malformed instruction which allows scripts to be run without supervision. This simple exploit allows attackers to read data even from secure sites once they are opened, and redirect the data to any external site.
According to Baloch, "A SOP bypass occurs when a siteA.com is some how able to access the properties of siteB.com such as cookies, location, response etc. Due to the nature of the issue and potential impact, browsers have very strict model pertaining it and a SOP bypass is rarely found in modern browsers, however, they are found once in a while."
Google has not yet responded to the disclosure.
CISCO's annual Security report has stated that 99 percent of all mobile malware in 2013 targeted Android devices. According to a report by Trend Micro mobile malware threats will remain a growing concern and will continue to increase in 2014. Read: Google increases Android security with continuous malware scanning
Source: Rafay Baloch
Popular Mobile PhonesView All
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.