Featured Articles

Nvidia adjusts GTX 980 and GTX 970 pricing

Nvidia adjusts GTX 980 and GTX 970 pricing

It appears that Nvidia has been feeling the pulse of the market and took some note from comments regarding the original…

More...
iPhone 6 and 6 Plus reviews are up and they are good

iPhone 6 and 6 Plus reviews are up and they are good

Apple is dancing the same dance year after year. It releases the iPhone and two days before they start shipping it…

More...
Amazon announces three new tablets

Amazon announces three new tablets

Amazon has just released three new tablets starting with the $99 priced 6-inch Kindle Fire HD6. This is a 6-inch tablet…

More...
PowerColor TurboDuo R9 285 reviewed

PowerColor TurboDuo R9 285 reviewed

Today we will take a look at the PowerColor TurboDuo Radeon R9 285. The card is based on AMD’s new…

More...
Nvidia Shield Tablet 32GB 4G LTE out for pre orders

Nvidia Shield Tablet 32GB 4G LTE out for pre orders

Nvidia has finally revealed the shipping date of its Shield Tablet 32GB in 4G LTE flavour and in case you pre-order…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 21 February 2014 09:41

Android hit by nasty malware

Written by Nick Farrell



Which is 14 months old

The ability of Google to make sure that its Android code is properly patched is being questioned after hackers used a 14 month old vulnerability to do some serious damage. Using the Metasploit framework, the critical Android vulnerability gives attackers a point-and-click interface for hacking a majority of smartphones and tablets that run the Google operating system.

However, what is alarming is that the hole that the exploit uses has been known about by Google for more than 14 months. The critical bug is in Android's WebView programming interface and gives attackers remote access to a phone's camera and file system, SD card contents, and address books. Google patched the vulnerability in November with the release of Android 4.2, but according to the company's figures, the fix is only installed on well under half of the handsets it tracks.

Tod Beardsley, a researcher for Metasploit maintainer Rapid7 vendors need to move towards ensuring that single-click vulnerabilities like this don't last for 93+ weeks in the wild. Yesterday US Civil liberties advocates have asked the US Federal Trade Commission to take action against the nation's four major wireless carriers for selling millions of Android smartphones that never, or only rarely, receive updates to patch dangerous security vulnerabilities.

The request for investigation and complaint for injunctive relief was filed Tuesday by the American Civil Liberties Union against AT&T, Verizon Wireless, Sprint Nextel, and T-Mobile USA.

blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments