Chrome browser JavaScript Vulnerability allowed security researcher assume Nexus device control 6. Google promised solution.
A security researcher has revealed a new exploit that can allow someone to take remote control of an Android phone with just a Chrome link.
The vulnerability was demonstrated by Guang Gong during MobilePwn2Own, who was part of PacSec conference held in Tokyo, Japan. Full details were not disclosed to prevent criminals put this nefarious plan into action.
Gong managed to take control of a Nexus 6 Project Fi to attack a vulnerability Chrome JavaScript. Through the exploit, he installed an application providing full access to the smartphone without any user authentication.
Fortunately, a member of Google’s security team was at the event, so giant search will soon release a solution to the problem (along with a good reward for Gong).
Since you avoid unknown and / or unusual sites and only download their applications by the Play Store, everything should be fine. But it’s always good to keep an eye on the landscape of security mobile.
Why does this matter
Vulnerability Stagefright led to Android security issue to a new level because of how easy it was to have infected your smartphone without knowing by just one MMS message. In response, Google now sends a monthly patch for Nexus devices, while other Android device makers said they will also enhance their efforts for security
.
No comments:
Post a Comment