Friday, November 13, 2015

Alert: Chrome on Android can be attacked with a simple link – Pplware

Usually the security problems affecting operating systems indiscriminately. Another common point of attack are the browsers because they are naturally exposed to the Internet and all your problems.

A recent discovery has brought the public a Chrome vulnerability, especially the version for Android. And what’s so special? A simple link to compromise the browser.

android_chrome_0


There are few security holes in browsers. Custom clients are well identified and all know. But this time the target is a browser that normally goes arredado these problems.

What this fails’s different is that you can install applications on any Android smartphone, using only a link especially designed for this purpose . It does not involve the operation of any system failure or the application of a number of steps to reach the intended purpose.

Discovered by Guang Gong, an employee of the security company Quihoo 360, this is a failure that is the engine javascript V8. No details were given details about how it can be exploited.

To show the flaw he discovered, Guang Gong simply used an Android smartphone and agreed to a page yours, created purposely to explore the problem.

Within seconds, the Android smartphone applications installed without any intervention or without being asked any authorization.

android_chrome_2

Good news!

The good news there and realize that Google was the presentation where Guang Gong showed Chrome failure. After some exchange of ideas among them the research company officials assured they would deal with the problem as soon as possible.

The failure was shown in a recent version of Chrome for Android and in theory can be exploited in any of the previous versions, so great care is not enough.

Safety rules are clear and users know them well. Just have to be careful to do them and will be protected. However, Google will update the V8 and also Chrome, ensuring that this problem disappears for good.

LikeTweet

No comments:

Post a Comment