Android Browser Bug Puts Privacy at Risk2014-09-18 09:18 by Daniela
Tags: Android, security
A potentially serious security flaw has been discovered in the default Android Browser, and could allow a user to bypass the Same Origin Policy (SOP) security measures. The vulnerability affects devices that run Android versions older than 4.4 or roughly 40 to 50% of all Android users.
The bug reads cookies and password fields, and can extract a wealth of personal information, and easily interfere with other sites' content. Google said it is working on the problem, but when, or how, a fix will be made remains unclear. Any updates to the app, which comes bundled with older Android phones, must be done through operating system updates - so the availability of the fix may be hindered upon its initial release.
At the moment, users can protect themselves by dropping the Android browser and start using an alternative one that is sure not to be based on the same code: Firefox, Opera and Chrome.
Read more -here-