About 45 percent of all Android-devices have a browser, vulnerable to two serious security problems. Such data was published by the company Lookout, dealing with the protection of mobile devices.
It clarifies Computerworld, vulnerabilities have been discovered in the last month. They allow an attacker to bypass the key security barrier SOP, which is available in all browsers. SOP does not allow scripts from one domain to interact with content in another domain. Without this restriction, attackers can create pages that load, such as Facebook or Gmail in an invisible frame that allows you to trick users to visit these pages. The purpose of this – to capture their usernames and passwords, and then offer access to personal e-mail, send a message to the Facebook page, and so on.
This vulnerability is available on devices running on Android to version 4.4. The essence of the problem – that as a staff, there is an does AOSP (Android Open Source Project). On a more “fresh” gadgets default is Google Chrome, which no longer has this vulnerability. Thus, as the researchers found, in general, about 45 percent of Android-powered devices with AOSP, are dangerous to the user a “hole.” Moreover, in Japan, this percentage twice, in Spain 73 percent of them, and in the UK – 51.
Google has released patches for vulnerabilities. In the near future, developers must make any necessary changes and released a firmware update for users. However, in Lookout note that the use of Android-powered device with a vulnerable version of the AOSP-browser does not mean that the gadget certainly is in danger. After all, users can install and use Chrome, Firefox, and other applications in which this “gap” there.