A new vulnerability in Android based web browser has been found which allows attackers to access the contents of files stored on the device's SD card, credentials stored in the browser, browser history, spy on your web transactions, even in encrypted.The vulnerability is present in a code written by software company PacketVideo; contributed an open version of their core multimedia application to Android where it became the multimedia subsystem for the Android web browser. Google says that a fix will be released as soon as it will be available.
HTC Desire, Google Nexus One, Samsung Galaxy Tab etc. (even with Android 2.2) are vulnerable to this kind of attack.Tips to protect you from hacking until Google issues a security patch:
1)Do not use the Android web browser. If this is not possible, only visit trusted sites and only over the T-Mobile network (avoid Wi-Fi). Use browser such as Opera Mobile; which prompts the user before downloading files.
2)Disable JavaScript in the browser.
Check for suspicious automatic downloads, which should be flagged in the notification area. This shouldn’t be happening completely in the background.
3)Unmounting the SD card.
We thank our loyal reader Shipra
Sahai for providing us with this article
0 comments:
Post a Comment