Monday, 22 September 2014

Check if your Android device is affected by the vulnerability SOP

 Android deviceA quarter of users with devices Android, uses the latest Android 4.4 version. All others use older versions.

The systems have not been upgraded since the manufacturers of the devices can not provide timely updates to devices. So often created security problems. A security flaw recently discovered in Android Browser reminds us why the difficulties manufacturers provide updates is an important problem. The Android Browser is the default web browser for Android devices. This changed after the release Android 4.2 when the default browser Google Chrome.
The Google Chromium changed in the Android 4.4 and this means that whoever does not use version 4.4 is exposed to the bug.

What causes the vulnerability 
When you visit a website, you can expect to provide you with fast content. A script (script) running on the site should, for example, may not be able to modify the contents of another site. This defect is found to occur in the Android Browser.

The Same Origin Policy (SOP) (or Greek Same Origin Policy) is a safety device designed to prevent the JavaScript to be executed from a web page to another. JavaScripts running in malicious sites will not be able to recover data from "good» sites.

This is the Android Browser when the browser is used by applications that could potentially steal sensitive data. Data such as cookies can be stolen by this vulnerability.

Check your device 
To check if your device is vulnerable visit the following website and click test to find out if you are affected.

http://ejj.io/SOP.php

If you get a popup message that your browser is vulnerable, be sure to immediately change browser.

The problem 
The Google is working on a patch to correct the problem. Placing the patch but the end user will be complicated. The main reason is that these kinds of updates responsibility lies with the manufacturer of the device.

Given that support devices usually ends after two years, it is unlikely that all vulnerable devices will receive the update.

To make things even worse, the switch to another browser like Firefox or Chrome the affected devices only solves part of the problem. Although the browser is safe, the applications running on the device can still use the default browser is of course the Android Browser.

0 comments:

Post a Comment

We are eager to see your comment. All comments will moderate by the hand of man, and all links are nofollow.