AOH :: ISNQ7161.HTM

Android Vulnerable To Data Theft Exploit

Android Vulnerable To Data Theft Exploit
Android Vulnerable To Data Theft Exploit


http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=228400108 

By Mathew J. Schwartz 
InformationWeek
November 29, 2010

Google is working to patch a new data-stealing vulnerability that 
affects all versions of the Android operating system.

The vulnerability was discovered by security researcher Thomas Cannon. 
"While doing an application security assessment one evening I found a 
general vulnerability in Android which allows a malicious website to get 
the contents of any file stored on the SD card," he said on his blog. 
"It would also be possible to retrieve a limited range of other data and 
files stored on the phone using this vulnerability." In other words, a 
successful exploit wouldn't provide the attacker with root access to all 
device data.

Cannon said that after he emailed Google about the bug, the company made 
contact to discuss the issue just 20 minutes later. Google also asked 
him to withhold some details while it works on a fix. "As my intention 
is to inform people about the risk, not about how to exploit users, I've 
agreed," he said.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/

Site design & layout copyright © 1986- CodeGods