Patch For Android Security Flaw Released By Google And T-Mobile
During the weekend, Google has started issuing a patch to tighten up a well-publicized security hole in its Google Android mobile operating system. The patch is being pushed out to users in the form of a system update and users are given a choice to update now or later. The flaw and the PoC were communicated to Google on October 20th, with the vulnerability itself made possible due to Android’s use of outdated third-party software packages.
Users of the G1 Android phone on Friday have begun receiving a software update that fixes a flaw that security researchers found earlier in the week. The update included the fix to the browser vulnerability and a couple of other minor changes as well, said Michael Kirkland, a Google spokesman. Every user of the G1 may not have gotten the update yet but should within a short time frame, he said.
At the time the exploit was discovered, ISE principal analyst Charlie Miller said he’d keep the specific details of it under wraps until Google issued a fix.
The revelation of the security hole came roughly a week after Google Android made its first public appearance on the T-Mobile G1, the first available device to use the open source Linux OS.
Google worked with T-Mobile USA, the only operator selling the device, to push the update out to users. The G1 went on sale last week, and T-Mobile has not disclosed how many have sold so far. While not all users have received the update yet, Google has said it will roll out the patch progressively. All updates are expected to be issued soon.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.