CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 4th, 2008

Patch For Android Security Flaw Released By Google And T-Mobile

During the weekend, Google has started issuing a patch to tighten up a well-publicized security hole in its Google Android mobile operating system. The patch is being pushed out to users in the form of a system update and users are given a choice to update now or later. The flaw and the PoC were communicated to Google on October 20th, with the vulnerability itself made possible due to Android’s use of outdated third-party software packages.

Users of the G1 Android phone on Friday have begun receiving a software update that fixes a flaw that security researchers found earlier in the week. The update included the fix to the browser vulnerability and a couple of other minor changes as well, said Michael Kirkland, a Google spokesman. Every user of the G1 may not have gotten the update yet but should within a short time frame, he said.

At the time the exploit was discovered, ISE principal analyst Charlie Miller said he’d keep the specific details of it under wraps until Google issued a fix.

The revelation of the security hole came roughly a week after Google Android made its first public appearance on the T-Mobile G1, the first available device to use the open source Linux OS.

Google worked with T-Mobile USA, the only operator selling the device, to push the update out to users. The G1 went on sale last week, and T-Mobile has not disclosed how many have sold so far. While not all users have received the update yet, Google has said it will roll out the patch progressively. All updates are expected to be issued soon.

Share this item with others:

More on CyberInsecure:
  • Android Market Security Update Released By Google Contained Mobile Trojan
  • Hackers Jailbreak T-Mobile’s And Google’s Android Phone
  • Rogue Phishing App Spread Through Android Marketplace
  • Unpatched iPhone Bug Can Virally Infect Phones Via SMS
  • Web Sessions Over Protected Wireless Networks Can Be Hijacked With An Android App

    • Posted in Google, Hardware, Mobile, Software, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Tuesday, November 4th, 2008 at 7:30 pm and is filed under Google, Hardware, Mobile, Software, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Patch For Android Security Flaw Released By Google And T-Mobile

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »