This post is contributed by AntiVirus365.net
You might want to be careful the next time you visit an unknown website on your Android mobile device. A computer security researcher has discovered a bug that could be used to attack some versions of Google’s Android device over the internet.
According to M.J. Keith, a security researcher with Alert Logic, the attack targets the browser in older, Android 2.1-and-earlier versions of the phones. The bug used in Keith’s attack lies in the WebKit browser engine used by Android.
But thanks to how Android operating system is built, the browser exploit does not allow full, root access to a hacked phone. But the hack gives access to anything that the browser can read including browser history, SD card and more.
The issue does not affect Android 2.2 or later versions but only about 36% of the Android devices in the market runs version 2.2.
Third party Android browsers such as the Skyfire and Opera Mini are probably safe from these attacks.
Google is aware of this vulnerability but declined to comment.
Technical details of the exploit can be found here- Android 2.0-2.1 Reverse Shell Exploit