Three New Android Vulnerabilities Released

Smartphone security has become a popular topic amongst security researchers, with three new vulnerabilities released in the last two weeks alone. Speakers at BlackHat Abu Dhabi, HouSecCon, and Intel’s Annual Security Conference have released new vulnerabilities in Android that allow attackers to execute arbitrary code or install apps without user intervention.

Last week, Alert Logic released exploit code that targets the browser in Android smartphones running 2.1 or earlier. This vulnerability is fixed in the latest version of Android (Froyo); however, there are many devices still running earlier versions of Android that could be affected.

Just like vulnerable PC web browsers, a vulnerable smartphone just needs to visit a website infected with malicious code to be exploited. Net: if you are running 2.1 on your Android, be very careful what sites you visit. To tell if you are running 2.1 on your phone, navigate to Settings –> About Phone. Scroll down to Android Version, if it says 2.1 your phone is vulnerable.

This week, security researchers Jon Oberheide and Zach Lanier demonstrated a flaw whereby a malicious application that requests a few critical permissions can then install other applications without user intervention. Continue reading ….

Related Posts

Why I switched from Postgres to MongoDB, then to Neo4j When you're about to start a project and are trying to make a decision on the what applications to use, one way to proceed is to find out what other p...
Bologna achieves vendor independence for its office applications The administration of the Italian city of Bologna has almost completed its move to OpenOffice. Most of the 3600 PCs now run this open source suite of...
Install Unity Tweak Tool on Ubuntu 14.10 For both new and experienced users, most especially for new users, System Settings, Ubuntu's graphical management application, offers a simple, point-...
Top cyber security concerns for 2014 and beyond As 2013 draws to a close, it's time to start looking ahead to next year and years after that. This will form a series of articles on what lies ahead. ...
France begins IT research centre on innovation and free software France's national computer science institute, Inria, says free software is essential to develop digital society. The institute is launching a research...
Cell security in Apache HBase Here's a good article about security in Apache HBase that I think some readers will love. Apache HBase is a non-relational database for Hadoop. ...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).


One Comment

  1. Pingback: Tweets that mention Three New Android Vulnerabilities Released — LinuxBSDos.com -- Topsy.com

Leave a Comment

Your email address will not be published. Required fields are marked *

*