Logo en.cybercomputersol.com
  • Upgrades
  • Apps
  • Comparisons
  • Releases
  • Offers
  • Operators
  • Prices
  • Rumors
  • Tricks
  • Various
  • Android Applications
  • Games
  • General
  • GPS
  • IPhone Apps
  • Messages
  • Pages
  • Photography
  • Tutorials
  • Utilities
Logo en.cybercomputersol.com
  • Upgrades
  • Apps
  • Comparisons
  • Releases
Home | Various

Android, new android vulnerability discovered that facilitates data theft

2025
Anonim

Just discovered a new vulnerability that generally affects all smartphones with Android. It allows a malicious website to get all the files stored on the SD memory card inserted in the mobile phone. In addition, this security failure also leaves other data and files stored on the mobile phone unprotected.

Security expert Thomas Cannon has discovered this vulnerability and explains on his blog that it is the result of a mixture of factors. First of all, the Android web browser does not notify the user when downloading a file, it does so automatically. Using a Java script, this file can be opened automatically for the browser to display. When an HTML file is opened in that local context, the Android browser executes the script without alerting the user. That way, the Java script can read the contents of the files and other data. Then the contentswho have read the Java script may be redirected to a malicious website.

One limitation of this exploit is that you need to know the name and path of the files you want to steal. However, several SD card data storage applications offer that information, and the files on the SD card (plus a few on the phone) are exposed. Thomas Cannon has contacted Android security officers, who are working to fix the vulnerability in version 2.3 (Gingerbread). In the meantime, Cannon offers several tips for plugging the security hole.

The first thing is to watch if any automatic download occurs; even if there is no notification, it does not happen completely silently. The user can also disable the Java scripts within the settings of their browser. On the other hand, a browser like Opera Mobile offers additional protection, because it warns before downloading a file. In addition, it is easier for an outside company to immediately release a browser update that patches a new vulnerability than Google does.

Other news about… Android, Google, Security

Android, new android vulnerability discovered that facilitates data theft
Various

Editor's choice

Dropbox

2025

WhatsApp

2025

Evernote

2025

Angry Birds

2025

Payments for add-ons within the application itself will grow in 2011

2025

Facebook

2025

Dropbox

2025

WhatsApp

2025

Evernote

2025

Angry Birds

2025

Payments for add-ons within the application itself will grow in 2011

2025

Facebook

2025

Editor's choice

  • Angry Birds

  • Payments for add-ons within the application itself will grow in 2011

  • Facebook

Editor's choice

  • Angry Birds

  • Payments for add-ons within the application itself will grow in 2011

  • Facebook

Editor's choice

  • Angry Birds

  • Payments for add-ons within the application itself will grow in 2011

  • Facebook

  • Upgrades
  • Apps
  • Comparisons
  • Releases
  • Offers
  • Operators
  • Prices
  • Rumors
  • Tricks
  • Various
  • Android Applications
  • Games
  • General
  • GPS
  • IPhone Apps
  • Messages
  • Pages
  • Photography
  • Tutorials
  • Utilities

© Copyright en.cybercomputersol.com, 2025 June | About site | Contacts | Privacy policy.