Android Open Handset Developers Community

 
Guest Announcements

:arrow: Welcome: you are not yet registered; you can register here.
:arrow: A new forum on the new HTC Magic is available here.

It is currently Fri Feb 10, 2012 10:20 am

All times are UTC


 Topics   Replies   Views   Last post 
No new posts iphone ringtone maker

by soft25 on Thu Dec 09, 2010 6:20 am in ANDROID platform

0

252

Thu Dec 09, 2010 6:20 am

soft25

No new posts Rip Blu-ray video to Blackberry Playbook

by alex6699 on Fri Nov 26, 2010 2:56 am in Relaxing Lounge

0

217

Fri Nov 26, 2010 2:56 am

alex6699

No new posts A calls Blocker Software for Windows Mobile

by tingelsky on Tue Nov 16, 2010 7:08 am in Relaxing Lounge

0

138

Tue Nov 16, 2010 7:08 am

tingelsky

No new posts How can I backup my mobile contacts to my pc?

by weibin.li on Tue Aug 10, 2010 7:28 am in Relaxing Lounge

1

152

Tue Aug 10, 2010 7:28 am

weibin.li

No new posts Hi From KJ

by sirena.alex on Fri Jun 18, 2010 11:18 am in Users' introductions

1

271

Fri Jun 18, 2010 11:18 am

sirena.alex




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Security vulnerability in Android web browser
PostPosted: Sat Oct 25, 2008 9:39 pm 
Offline

Joined: Thu Dec 27, 2007 2:12 pm
Posts: 36
Hi all,
a couple of days after the market lunch of T-Mobile G1, security experts (not malicious guys) have found a serious vulnerability on the Android 1.0 web browser: the browser may be exploited by visiting a malicious page, so that an attacker can run arbitrary code with the same privileges of the web browser application. It seems that this vulnerability was found and fixed some time ago, but it is still in the Android code due to the fact Google did not use the most up to date versions of all the open source packages that are used in the current version of the platform.

We can console ourselves :mrgreen: by knowing that the impact of this attack is somewhat limited thanks to the Android sandboxing mechanism of each applications with respect to the phone's enviroment. Apple's iPhone, for example, does not have this feature and all the phone's features can be accessed by means of a compromised application.


Top
 Profile  
 
 Post subject: Re: Security vulnerability in Android web browser
PostPosted: Tue Oct 28, 2008 1:56 pm 
Offline

Joined: Thu Dec 27, 2007 6:09 pm
Posts: 65
Hi all,
don't be too much worried: Google has already patched this security hole in the Android code: the patch has been also already released to G1 users by means of an OTA (over the air) software update the day after the official launch of the phone.

How-to check the software version currently used: Menu -> Settings -> About phone -> Build number.

First original G1 release: RC19 (security hole present) :twisted:
Updated G1 release: RC28 (security hole fixed) :mrgreen:


Best,
barban


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

Topic Tags

Android G1, Apple, application, bug, fix, how-to, Iphone, OTA, release, sandbox, security, vulnerability, web browser


All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
phpBB SEO

This site is not affiliated with nor endorsed by the Open Handset Alliance.
All trademarks and logos used in this site are of properties of their respective owners.