Android 2.3 security bug shows microSD access vulnerability

A researcher at North Carolina State University is warning of an Android 2.3 security vulnerability that gives attackers access to your personal information, further proof that Gingerbread isn’t all sugar and spice (to be fair, that SMS issue has since been remedied). According to Xuxian Jiang, the bug allows malicious websites to access and upload the contents of a user’s microSD card, including voicemails, photos, and online banking information to a remote server. The flaw apparently resembles a similar bug in previous version of Android, thought to have been addressed with Gingerbread. However, as Jiang points out, that fix is easily bypassed. Apart from removing the microSD card, disabling JavaScript, or switching to a third-party browser, Android 2.3 users have little recourse in squashing the bug. The folks at eWeek reported that Google is working on a solution to the problem, but there’s no word on when we can expect to see an update.

View the original article here

You may also like:

• The Samsung Galaxy Note Offers A Great Organiser And Access To The Super Android Marketplace
• More evidence shows Google may have copied Oracle in Android
• FaceTime QuickPick, quick access to Face Time – Cydia
• Top 10 Android Apps
• 3 Best Android Phones To Consider Before You Buy One