Android 2.3 Gingerbread security flaw reveals microSD contents to hackers

Xuxian Jiang, a computer security researcher at a North Carolina State University, has discovered a security vulnerability in Google's latest OS release, Android 2.3 (Gingerbread).

The bug gives hackers access to user data, similar to an issue that was rectified in previous OS versions, but it seems to have been overlooked with 2.3. It basically takes the clicking of a link with malicious code attached, but once clicked hackers have the ability to scan all the files on your phone's microSD memory card, then pick up personal data: photos, applications, voicemails, online banking details, and then upload the files to a remote server.

There have been a couple of ideas suggested to avoid being compromised by this in the wild, however both ideas have an impact on other features. The first it to disable or remove your microSD card, but this may stop you from saving photos or having enough storage capacity. The next  suggestion was to disable JavaScript on your Android browser, but this will stop you loading websites that require JavaScript functionality.  The least disruptive method would be to use a completely different third-party browser, such as Firefox.

A spokesperson from Google has said that they had been contacted by Jiang about the flaw a couple of days ago and that Google has now developed a fix that will be rolled out in an upcoming Android 2.3 maintenance upgrade. However, no confirmation of a date for the update has been given.

Source: Engadget, eWeek

You May Like These
More Like This:
About the Author
2014/05/Chris-Yackulic_1.jpg

Chris Yackulic

CEO / Publisher / Owner
Chris founded and started Androidheadlines.com website in 2009 and grew it into the international success it is today and is the CEO of the business today. Chris has been an entrepreneur most of his life running several businesses, startups and worked in the website technology Industry since 1998. His skills and assets are Business, Finance, Emerging Technology and the Mobile Industry including everything Android and Google related and more. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now