GSMArena.com GSMArena.com

Tip us
887k
153k 62k
1m
RSS
Log in

Login

I forgot my password Sign up
  • Home
  • News
  • Reviews
  • Videos
  • Featured
  • Phone Finder
  • Tools
  • Glossary
  • Coverage
  • Contact
Apple iPhone 11 review

Serious new vulnerability found in Chrome for Android

  • Post your comment
  • Comments (28)

Ricky 14 November, 2015

Web browsers Android Google

A new vulnerability has been found (and thankfully, contained) by Qihoo 360 developer Guang Gong who had been working on the exploit for three months before demonstrating it at the PacSec conference in Tokyo.

The exploit worked by targeting the Chrome app’s JavaScript engine and installed a BMX bike game. Without requiring interaction of the user, the vulnerability demonstration exemplified complete control of the device. All the user has to do is visit a site that contains the vulnerability and the JavaScript hack will take care of the rest.

Google had a representative at this conference who was able to see the bug working in action. As reward for Gong’s work, he will be flown all the way to Vancouver for the CanSecWest Applied Security Conference where he will go on a ski trip.



Thankfully this vulnerability can be patched through a Chrome update through the Play Store, unlike Stagefright which required a software patch to the OS.

Most people are careful about the kinds of sites they visit. Particularly sites offering copyrighted material for free can be riddled with malware and virus links.

Source | Via

Related articles
  • Microsoft's new Edge browser based on Chromium is now ready to download Microsoft's new Edge browser based on Chromium is now ready to download
  • New Chrome version for Android makes the dark theme more accessible, adds password generator New Chrome version for Android makes the dark theme more accessible, adds password generator
  • Firefox update brings variable fonts, dark mode and tracker blocking by default Firefox update brings variable fonts, dark mode and tracker blocking by default
  • Chrome will label all HTTP pages "Not secure" from July Chrome will label all HTTP pages "Not secure" from July

Reader comments

D
  • AnonD-81610
  • 3pw
  • 17 Nov 2015

... he will be flown all the way to Vancouver for the CanSecWest Applied Security Conference where he will go on a ski trip and have a little accident (and die). :P

  • Reply
C
  • Chuck Norris
  • 2Au
  • 17 Nov 2015

Well i did not say all of the people that but iproduct for show... i said usually(mostly) people do this. and i mean a lot of them...

  • Reply
?
  • Anonymous
  • vx6
  • 17 Nov 2015

what a nice gesture. You alert a big corp about a security risk and instead of denying everything to death and bringing in the lawyers, they reward the guy for finding and fixing their bad. thumbs up.

  • Reply
  • Read all comments
  • Post your comment
Total reader comments: 28

Phone finder

  • Samsung
  • Apple
  • Huawei
  • Nokia
  • Sony
  • LG
  • HTC
  • Motorola
  • Lenovo
  • Xiaomi
  • Google
  • Honor
  • Oppo
  • Realme
  • OnePlus
  • vivo
  • Meizu
  • BlackBerry
  • Asus
  • Alcatel
  • ZTE
  • Microsoft
  • Vodafone
  • Energizer
  • Cat
  • Sharp
  • Micromax
  • Infinix
  • Ulefone
  • Tecno
  • BLU
  • Acer
  • Wiko
  • Panasonic
  • verykool
  • Plum

All brands Rumor mill

Top 10 by daily interest

  Device Daily hits  
1.Apple iPhone SE (2020)50,786
2.OnePlus 8 Pro23,363
3.Huawei P40 Pro+22,177
4.Xiaomi Mi 10 Lite 5G19,901
5.Samsung Galaxy S20 Ultra 5G19,775
6.Samsung Galaxy A5119,244
7.Xiaomi Redmi Note 8 Pro19,218
8.Xiaomi Redmi Note 818,600
9.Realme 6 Pro16,422
10.Xiaomi Redmi K30 Pro16,257

Top 10 by fans

  Device Favorites  
1.Xiaomi Redmi Note 71,079
2.Samsung Galaxy S10+948
3.Xiaomi Redmi Note 8 Pro942
4.Xiaomi Redmi K20 Pro934
5.Samsung Galaxy A50890
6.Samsung Galaxy Note10+797
7.Xiaomi Redmi Note 7 Pro761
8.Huawei P30 Pro748
9.OnePlus 7 Pro747
10.Xiaomi Mi 9676

Home News Reviews Compare Coverage Glossary FAQ RSS feed Facebook Twitter

© 2000-2020 GSMArena.com Mobile version Android app Contact us Privacy Terms of use

CDN by