“Fresh from sorting out the Stagefright flaw, Google has another serious security vulnerability in Android on its hands. A privilege escalation hole allows normal apps to gain superpowers to snoop on a device’s owner, smuggle in malware, and wreak other havoc. The vulnerability, CVE-2015-3825, affects about 55 per cent of Android handsets – basically version 4.3 and above, as well as the current build of Android M. Flaws in the OpenSSLX509Certificate class in Android can be exploited by an app to compromise the system_server process – and gain powerful system-level access on the device.”
http://www.theregister.co.uk/2015/08/10/another_android_flaw_hitting_55_percent_handsets/
Related posts:
Researchers demonstrate first backdoor "hack" into the human brain
Jim Rogers: Financial Calamity - It's Coming, Be Worried, Be Careful
A Company That Performs in all Markets
Bitcoin Transcends Novelty Status
Government Shutdown: An Oxymoron for Real Morons
SWAT Team Kills Armed Homeowner in Dawn Drug Raid
Don’t Get Fooled Again — It’s Time to Dump Bonds Now
“The Internet Police” Shines a Light on the Online Surveillance State
Capital Controls and a Bank Holiday in Greece
NSA building a ‘quantum computer’ to break all forms of encryption
Don’t Worry, the Government Still Has Plenty of Surveillance Power
Japanese Bitcoin Exchange Shuts Down After $723M Stolen
"Polish" Death Camps and Censorship's Unintended Consequences
TigerDirect Becomes the Latest Retail Giant to Pounce on Bitcoin
Stuxnet goes out of control: Chevron infected by anti-Iranian virus, others could be next