Three New Android Vulnerabilities Released

Smartphone security has become a popular topic amongst security researchers, with three new vulnerabilities released in the last two weeks alone. Speakers at BlackHat Abu Dhabi, HouSecCon, and Intel’s Annual Security Conference have released new vulnerabilities in Android that allow attackers to execute arbitrary code or install apps without user intervention.

Last week, Alert Logic released exploit code that targets the browser in Android smartphones running 2.1 or earlier. This vulnerability is fixed in the latest version of Android (Froyo); however, there are many devices still running earlier versions of Android that could be affected.

Just like vulnerable PC web browsers, a vulnerable smartphone just needs to visit a website infected with malicious code to be exploited. Net: if you are running 2.1 on your Android, be very careful what sites you visit. To tell if you are running 2.1 on your phone, navigate to Settings –> About Phone. Scroll down to Android Version, if it says 2.1 your phone is vulnerable.

This week, security researchers Jon Oberheide and Zach Lanier demonstrated a flaw whereby a malicious application that requests a few critical permissions can then install other applications without user intervention. Continue reading ….

Related Posts

Solution for crashing KDE applications on Linux Mint 17.1 Cinnamon On one of my test systems, I have Linux Mint 17.1 Cinnamon installed. However, I still like to use KSnapshot, the screenshot application for KDE. A...
Children hospitals saving money by using open source Italian children hospitals are saving money by using the 'Smart Inclusion project' using open source technology and offering access to for instance me...
Deploying a scalable Jenkins cluster with Docker and Rancher Containerization brings several benefits to traditional CI platforms where builds share hosts: build dependencies can be isolated, applications can be...
FreeOTP now vailable for Android. Install it from Google Play FreeOTP is now available for Android and can be installed from Google Play. FreeOTP, which is based on open standards, is a "multi-factor authentic...
Hardware Encryption Developed for New Computer Memory Technology Security concerns are one of the key obstacles to the adoption of new non-volatile main memory (NVMM) technology in next-generation computers, which w...
OSSEC 2.7 released OSSEC is Free Software, a GPL-licensed, host-based intrusion detection system (HIDS) that operates on a client-server model. Its development is sponso...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

One Comment

  1. Pingback: Tweets that mention Three New Android Vulnerabilities Released — --

Leave a Comment

Your email address will not be published. Required fields are marked *