MicroSD Access Vulnerability in Android 2.3/Gingerbread

Discussion in 'Android News' started by dgstorm, Jan 31, 2011.

  1. dgstorm
    Offline

    dgstorm Editor in Chief Staff Member Premium Member

    Joined:
    Dec 30, 2010
    Messages:
    7,136
    Likes Received:
    1,323
    Trophy Points:
    113
    Location:
    Austin, TX
    [​IMG]


    A security vulnerability that allows a hacker to access personal information when the user simply clicks on a web-link with their Android phone has been found by Xuxian Jiang, a computer security researcher at NC State University. The exploit allows a malicious Web-site to read and upload the entire contents of the phone’s microSD card, including saved voicemails, photos or online banking data. This vulnerability is similar to one found on all previous versions of the Anroid OS, and Google thought they had it fixed with Gingerbread. Unfortunately, Mr. Jiang found a way to bypass their new security measures. According to Sources, the best option to protect yourself from this vulnerability is to switch to a third-party browser, such as Firefox, until Google develops a fix.

    Yikes! It's a good thing it was found by a researcher before some unscrupulous Malware hacker figured it out.

    Source: Engadget
  2. bazar6
    Offline

    bazar6 Premium Member Theme Developer Premium Member

    Joined:
    Dec 15, 2009
    Messages:
    676
    Likes Received:
    9
    Trophy Points:
    18
    Location:
    MD
    Unless they already have, and we just don't know about it. You said use an alternate browser like firefox.. I guess it's just an issue with the stock browser? Too bad firefox isn't supported by Droid1. DolphinBrowser it is!
  3. pdroid
    Offline

    pdroid New Member

    Joined:
    Mar 4, 2010
    Messages:
    2,252
    Likes Received:
    7
    Trophy Points:
    0
    Location:
    Philly
    It's important to make clear - this vulnerability does not currently exist on Froyo?
  4. WenWM
    Offline

    WenWM Premium Member Premium Member

    Joined:
    Sep 21, 2010
    Messages:
    642
    Likes Received:
    4
    Trophy Points:
    0
    Location:
    Minnesota
    Maybe this explains why the Nexus S doesn't have an SD card slot :D :D Talk about conspiracy theories...
  5. brokali
    Offline

    brokali New Member

    Joined:
    Jan 5, 2010
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    0
    Does that mean I am safe with Miren browser?

    Sent from my Droid using DroidForums App
  6. brokali
    Offline

    brokali New Member

    Joined:
    Jan 5, 2010
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    0
    I am using cm7

    Sent from my Droid using DroidForums App
  7. s13_slider
    Offline

    s13_slider New Member

    Joined:
    May 5, 2010
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Albuquerque, NM
    Woo! Skyfire!
  8. moosez3
    Offline

    moosez3 New Member

    Joined:
    May 13, 2010
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    0
    so wait froyo has this as well?
  9. Biggdogg76
    Offline

    Biggdogg76 New Member

    Joined:
    Dec 26, 2010
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    New Jersey
    Does this include ROMS with Gingerbread parts like PE4.2? It is still using the FRG83D so I think it is technically Froyo. Anyone know?
Search tags for this page

samsung sdcard vulnerability