123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Information Security Researchers Reveal Vulnerability In Android 2.3

Profile Picture
By Author: Peter Martin
Total Articles: 211
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Several security research reports have cautioned users against increased attack on Mobile phones and applications during this year. Recently, security researchers at North Carolina State University (NCSU) discovered vulnerability in Android 2.3 (Gingerbread). The identified vulnerability in the latest version of the mobile operating system causes attackers to gain unauthorized access to files and documents on the microSD card (storage card) in the mobile phone.

The vulnerability has been identified by a team of information security professionals led by Xuxian Jiang, an assistant professor in the University's computer science department.

The recently release Gingerbread version comes with improved features over the earlier version Froyo. The new version comes with features such an improved on-screen key board and better user interface. Gingerbread is a minor version and may be replaced with Android 3.0 (Honeycomb) during the course of this year.

Usually, software developers use ethical hacking ...
... to ascertain security flaws. In this case, researchers identified the vulnerability by testing a Nexus S device installed with Gingerbread. The researchers launched attacks on the operating system through a proof-of-concept exploit code.
Fortunately, the purpose of the exploit was to alert developers on the security flaw in the operating system. Attackers may exploit the vulnerability by alluring users to click a fake and malicious link. When unsuspecting users click on the link, the malicious code is executed on their phones. By exploiting the vulnerability attackers may acquire list of applications installed on the mobile device. The executed malicious code may allow attackers to open, view and upload files, photos, voicemails and applications stored in the microSD card partitions to a remote server. Therefore, the attack poses information security risk for users of Nexus S. The extracted information may be misused by the attackers to indulge in identity theft, fraud, blackmail and other forms of cybercrime.

Google, the vendor of product has not yet issued any patch for the vulnerability. Earlier patches were issued for similar vulnerabilities in the previous versions of Android. The current vulnerability may be fixed in the newer versions or during the release of the next major version Honeycomb.

Security professionals have advised users of Nexus S to disable Javascript or install a different web browser such as firefox to safeguard sensitive personal information.

Total Views: 313Word Count: 373See All articles From Author

Add Comment

Computers Articles

1. Employee Attendance System | 1 Sgd Mobile Attendance
Author: knani

2. Employee Mobile App For Time Attendance In Singapore
Author: knani

3. Malaysia Website Design – Rm499 For Unlimited Pages
Author: chinni rishi

4. Budget Website Design Malaysia | Rm499 & Unlimited Pages
Author: chinni rishi

5. Streamlined Attendance Tracking | Free Payroll
Author: kayakakula rishi

6. Singapore Employee App | Free Payroll | Just 1sgd
Author: kayakakula rishi

7. Biometric Fingerprint Attendance System | Free Payroll | Starting At 1sgd/mo
Author: kayakakula rishi

8. Top Web Design Agency Sg | 499sgd Unlimited Pages
Author: kayakakula rishi

9. Best Cms Web Design | Sgd 499 Nett Singapore
Author: kayakakula rishi

10. Your Web Project | Singapore | 499sgd Unlimited Pages
Author: kayakakula parvathi

11. Create Your Web Solution | Singapore | 499sgd Unlimited
Author: kayakakula parvathi

12. Tailored Virtual Security Guard Sg Plans From 30sgd
Author: chinni parvathi

13. Confined Space Management Best Practices | Free Payroll
Author: chinni parvathi

14. Zuckerberg’s Bold Ai Initiative: 5 Big Moves Unveiled
Author: Impaakt Magazine

15. Trending Technologies In Frontend Development
Author: davidjohansen

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: