Three New Android Vulnerabilities Released

Smartphone security has become a popular topic amongst security researchers, with three new vulnerabilities released in the last two weeks alone. Speakers at BlackHat Abu Dhabi, HouSecCon, and Intel’s Annual Security Conference have released new vulnerabilities in Android that allow attackers to execute arbitrary code or install apps without user intervention.

Last week, Alert Logic released exploit code that targets the browser in Android smartphones running 2.1 or earlier. This vulnerability is fixed in the latest version of Android (Froyo); however, there are many devices still running earlier versions of Android that could be affected.

Just like vulnerable PC web browsers, a vulnerable smartphone just needs to visit a website infected with malicious code to be exploited. Net: if you are running 2.1 on your Android, be very careful what sites you visit. To tell if you are running 2.1 on your phone, navigate to Settings –> About Phone. Scroll down to Android Version, if it says 2.1 your phone is vulnerable.

This week, security researchers Jon Oberheide and Zach Lanier demonstrated a flaw whereby a malicious application that requests a few critical permissions can then install other applications without user intervention. Continue reading ….

Related Posts

CoreOS announces Distributed Trusted Computing for Tectonic Enterprise Today’s vulnerabilities - Heartbleed, Shellshock, Poodle - have a brand. When vulnerabilities have a brand and your favorite companies are making ...
Microsoft’s Surface RT is an “Unmitigated Disaster.” What’s wrong with that?... After Microsoft successfully used Restricted Boot to make dual-booting Linux distributions and Windows 8 on newer desktop and notebook computers a pai...
Two things I’ve learned from using Tor Browser So for the past three months I've been using Tor Browser to surf the Web, not as a primary browser, but as a secondary browser. Firefox is my primary ...
Cloud Computing: New Way to Patch Holes in the ‘Cloud’ Researchers from North Carolina State University and IBM have invented a way to update computer systems packaged in virtual machines in a computer "cl...
Students line up for new free software master at open universities Two of Europe's open universities, the Universitat Oberta de Catalunya in Spain and Open Universiteit in the Netherlands, are about to start the firs...
Italian govt agencies to consider Free Software before commercial software The Italian Digital Agency has recommended that its government's agencies consider Free Software alternatives before purchasing licenses for commercia...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.

One Comment

  1. Pingback: Tweets that mention Three New Android Vulnerabilities Released — --

Leave a Comment

Your email address will not be published. Required fields are marked *