Serious New Vulnerability Found In Chrome For Android

By 12:48 Thu, 29 Jul 2021 Comments

A recent vulnerability has been found (and thankfully, contained) by Qihoo 360 developer Guang Gong who had been working on the exploit for three months before demonstrating it at the PacSec conference in Tokyo.

The exploit worked by targeting the Chrome app’s JavaScript engine and installed a BMX bike game. Without requiring interaction of the user, the vulnerability demonstration exemplified complete control of the device. All the user has to do is visit a site that contains the vulnerability and the JavaScript hack will hold care of the rest.

Google had a representative at this conference who was able to see the bug working in action. As reward for Gong’s work, he will be flown all the way to Vancouver for the CanSecWest Applied Security Conference where he will go on a ski trip.

Thankfully this vulnerability can be patched through a Chrome update through the Play Store, unlike Stagefcorrect which required a software patch to the OS.

Most people are careful about the kinds of sites they visit. Particularly sites offering copyrighted material for free can be riddled with malware and virus links.

Source | Via



Related Article



Please LOGIN or REGISTER To Gain Full Access To This Article