Featured Articles

AMD sheds light on stacked DRAM APUs

AMD sheds light on stacked DRAM APUs

AMD is fast tracking stacked DRAM deployment and a new presentation leaked by the company  points to APUs with stacked DRAM,…

More...
Nvidia officially launches the 8-inch Shield Tablet

Nvidia officially launches the 8-inch Shield Tablet

As expected and reported earlier, Nvidia has now officially announced its newest Shield device, the new 8-inch Shield Tablet. While the…

More...
Intel launches new mobile Haswell and Bay Trail parts

Intel launches new mobile Haswell and Bay Trail parts

Intel has introduced seven new Haswell mobile parts and four Bay Trail SoC chips, but most of them are merely clock…

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
AMD A8-7600 Kaveri APU reviewed

AMD A8-7600 Kaveri APU reviewed

Today we'll take a closer look at AMD's A8-7600 APU Kaveri APU, more specifically we'll examine the GPU performance you can…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 21 February 2014 09:41

Android hit by nasty malware

Written by Nick Farrell



Which is 14 months old

The ability of Google to make sure that its Android code is properly patched is being questioned after hackers used a 14 month old vulnerability to do some serious damage. Using the Metasploit framework, the critical Android vulnerability gives attackers a point-and-click interface for hacking a majority of smartphones and tablets that run the Google operating system.

However, what is alarming is that the hole that the exploit uses has been known about by Google for more than 14 months. The critical bug is in Android's WebView programming interface and gives attackers remote access to a phone's camera and file system, SD card contents, and address books. Google patched the vulnerability in November with the release of Android 4.2, but according to the company's figures, the fix is only installed on well under half of the handsets it tracks.

Tod Beardsley, a researcher for Metasploit maintainer Rapid7 vendors need to move towards ensuring that single-click vulnerabilities like this don't last for 93+ weeks in the wild. Yesterday US Civil liberties advocates have asked the US Federal Trade Commission to take action against the nation's four major wireless carriers for selling millions of Android smartphones that never, or only rarely, receive updates to patch dangerous security vulnerabilities.

The request for investigation and complaint for injunctive relief was filed Tuesday by the American Civil Liberties Union against AT&T, Verizon Wireless, Sprint Nextel, and T-Mobile USA.

blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments