Xuxian Jiang, a computer security researcher at a North Carolina State University, has discovered a security vulnerability in Google’s latest OS release, Android 2.3 (Gingerbread).
The bug gives hackers access to user data, similar to an issue that was rectified in previous OS versions, but it seems to have been overlooked with 2.3. It basically takes the clicking of a link with malicious code attached, but once clicked hackers have the ability to scan all the files on your phone’s microSD memory card, then pick up personal data: photos, applications, voicemails, online banking details, and then upload the files to a remote server.
A spokesperson from Google has said that they had been contacted by Jiang about the flaw a couple of days ago and that Google has now developed a fix that will be rolled out in an upcoming Android 2.3 maintenance upgrade. However, no confirmation of a date for the update has been given.