Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Android vulnerability exploitable in the majority of devices

Anonymous Coward writes | about 5 months ago


An anonymous reader writes "The EZ2Use attack code has been released which exploits a vulnerability that exists in Android versions prior to 4.2. Vulnerable versions are installed on the majority of Android devices and most do not have a path to a patched version. The malicious code is a drive-by malware attack which gives the attacker remote shell access to the phone's filesystem and camera.
This vulnerability and Google's inability to patch many of the vulnerable systems in use is more justification for Google's move to include new functionality in its proprietary GMS application platform where they can simply push out a patched binary that will run atop any Android version. Deprecating functionality in AOSP and re-implementing it in GMS will at least give Google a simple path to patch vulnerabilities like this."

Link to Original Source

cancel ×


Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account