MicroSD Access Vulnerability in Android 2.3/Gingerbread

Discussion in 'Android News' started by dgstorm, Jan 31, 2011.

  1. dgstorm

    dgstorm Editor in Chief Staff Member Premium Member

    Joined:
    Dec 30, 2010
    Messages:
    7,813
    Likes Received:
    1,749
    Trophy Points:
    258
    Location:
    Austin, TX
    Ratings:
    +1,784
    [​IMG]


    A security vulnerability that allows a hacker to access personal information when the user simply clicks on a web-link with their Android phone has been found by Xuxian Jiang, a computer security researcher at NC State University. The exploit allows a malicious Web-site to read and upload the entire contents of the phone’s microSD card, including saved voicemails, photos or online banking data. This vulnerability is similar to one found on all previous versions of the Anroid OS, and Google thought they had it fixed with Gingerbread. Unfortunately, Mr. Jiang found a way to bypass their new security measures. According to Sources, the best option to protect yourself from this vulnerability is to switch to a third-party browser, such as Firefox, until Google develops a fix.

    Yikes! It's a good thing it was found by a researcher before some unscrupulous Malware hacker figured it out.

    Source: Engadget
     
  2. bazar6

    bazar6 Premium Member Theme Developer Premium Member

    Joined:
    Dec 15, 2009
    Messages:
    678
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    MD
    Ratings:
    +10
    Unless they already have, and we just don't know about it. You said use an alternate browser like firefox.. I guess it's just an issue with the stock browser? Too bad firefox isn't supported by Droid1. DolphinBrowser it is!
     
  3. pdroid

    pdroid Silver Member

    Joined:
    Mar 4, 2010
    Messages:
    2,252
    Likes Received:
    7
    Trophy Points:
    103
    Location:
    Philly
    Ratings:
    +7
    It's important to make clear - this vulnerability does not currently exist on Froyo?
     
  4. WenWM

    WenWM Premium Member Premium Member

    Joined:
    Sep 21, 2010
    Messages:
    642
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Minnesota
    Ratings:
    +4
    Maybe this explains why the Nexus S doesn't have an SD card slot :D :D Talk about conspiracy theories...
     
  5. brokali

    brokali Member

    Joined:
    Jan 5, 2010
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Ratings:
    +0
    Does that mean I am safe with Miren browser?

    Sent from my Droid using DroidForums App
     
  6. brokali

    brokali Member

    Joined:
    Jan 5, 2010
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Ratings:
    +0
    I am using cm7

    Sent from my Droid using DroidForums App
     
  7. s13_slider

    s13_slider Member

    Joined:
    May 5, 2010
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Albuquerque, NM
    Ratings:
    +0
    Woo! Skyfire!
     
  8. moosez3

    moosez3 Member

    Joined:
    May 13, 2010
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    Ratings:
    +0
    so wait froyo has this as well?
     
  9. Biggdogg76

    Biggdogg76 Member

    Joined:
    Dec 26, 2010
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Jersey
    Ratings:
    +0
    Does this include ROMS with Gingerbread parts like PE4.2? It is still using the FRG83D so I think it is technically Froyo. Anyone know?
     
Search tags for this page

samsung sdcard vulnerability