A researcher at North Carolina State University is warning of an
Android 2.3

security vulnerability that gives attackers access to your personal information,
further proof

that Gingerbread isn't all sugar and spice (to be fair, that SMS issue has since been

). According to Xuxian Jiang, the bug allows malicious websites to access and upload the contents of a user's microSD card, including voicemails, photos, and online banking information to a remote server. The flaw apparently resembles a similar bug in previous version of Android, thought to have been addressed with Gingerbread. However, as Jiang points out, that fix is easily bypassed. Apart from removing the microSD card, disabling JavaScript, or switching to a third-party browser, Android 2.3 users have little recourse in squashing the bug. The folks at eWeek reported that Google is working on a solution to the problem, but there's no word on when we can expect to see an update.
Android 2.3 security bug shows microSD access vulnerability

originally appeared on

on Sat, 29 Jan 2011 10:57:00 EST. Please see our
terms for use of feeds



Email this