Google Android vulnerable to drive-by browser exploit

Google Android vulnerable to drive-by browser exploit

Summary: The Google Android operating system is vulnerable to a serious security vulnerability that allows malicious hackers to launch drive-by browser attacks, according to alert from a security research outfit.Technical details of the vulnerability, which occurs because Google Android uses an unpatched open-source software package, is being kept under wraps until a patch is available.


Google Android vulnerable to drive-by browser exploitThe Google Android operating system is vulnerable to a serious security vulnerability that allows malicious hackers to launch drive-by browser attacks, according to alert from a security research outfit.

Technical details of the vulnerability, which occurs because Google Android uses an unpatched open-source software package, is being kept under wraps until a patch is available.

[ SEE: Android security team appeals to hackers ]

Google was notified of this issue on October 20th, 2008.

According to a warning from Independent Security Evaluators (the company that found the first iPhone code execution flaw), this particular security vulnerability "was known and fixed in the relevant software package," but Google used an older, still vulnerable version.

The Google Android OS powers the T-Mobile G1 by HTC, a device that's currently in stores in the United States.

[ SEE: Research firm: Google Android SDK has multiple vulnerabilities ]

  • A user of an Android phone who uses the web browser to surf the internet may be exploited if they visit a malicious page. Upon visiting the malicious site, the attacker can run any code they wish with the privileges of the web browser application. We have a very reliable exploit for this issue for demonstration purposes.

The researchers, however, acknowledged that the impact of this attack is "somewhat limited" because of the way Google Android is designed.

  • A successful attacker will have access to any information the browser may use, such as cookies used for accessing sites, information put into web application form fields, saved passwords, etc. They may also change the way the browser works, tricking the user into entering sensitive information. However, they can not control other, unrelated aspects of the phone, such as dialing the phone directly.

Topics: Android, Browser, Google, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • "somewhat limited"?

    [i]A successful attacker will have access to any information the browser may use, such as cookies used for accessing sites, .....However, they can not control other, unrelated aspects of the phone, such as dialing the phone directly[/i]

    At least if my phone was dialing, I would know I have been hacked and could turn it off.

    Retrieving my information and accessing my person data from their own computer would leave me no way of knowing if I was hacked or not.
    • I'm curious

      I wonder what adjectives would have been used had this been a WM vulnerability?
      • Now the NSA is anti-MS?

        I think they used the appropriate adjective. Its limited to what the browser can do.
  • RE: Google Android vulnerable to drive-by browser exploit

    Sooo, it's a browser hack, right? Which browser?
  • RE: Google Android vulnerable to drive-by browser exploit

    Never mind, found it. It's a suite that also runs Safari.
  • Clearly...

    ...those who are using Microsoft software should get away from it as fast as possible. This is the act of a monopolistic corporation with no regard for their end user.

    Oh, wait, it's Google, not MS. Nevermind, they are great. If they want my personal data they can have at it.
    • Oh Ryan's Twin Brother! Sounds the Same!!! ;)

      The difference between Microsoft and Google can be
      summed up by simply looking at the Corporate Leaders!

      One is OPEN and hasn't been sued for being a Monopoly
      and/or Breach of Contract. Which Microsoft has been and
      has lost both. Meaning that Bill Gates just had a severe
      lapse of memory in court on those 100sum, "I don't
      recall" answers in court or he was lying like he always
      does when put on the spot!

      What you are accusing Google of is exactly what
      Microsoft has done since it was formed. Lie, Cheat, and
      Steal in their efforts to create that Monopoly they
      still have!

      ....And that on these Insane Corporate Advertised
      Embrace, Extend, Extinguish!

      Look at pictures of M$ CEO Steve "Monkey Boy" Balmer,
      (who knows very little about his own company's
      products). Then look at a picture of Dr. Eric Schmidt,
      who himself has worked for all the companies that at
      some time in history have been victims of Microsoft's
      Embrace, Extend, Extinguish modus operandi. Then you'll
      know why people will trust Open Google over Microsoft's
      Closed Crooked Balmer Ways!!!

      Dr. Schmidt has worked for Sun Microsystems, Novell, and
      formed the most successful Search Engine Tool in History
      (Google)! .....and when we speak of Dr. Eric Schmidt, we
      better include the fact that he also wears many other
      hats that include being on the Apple Board of Directors.

      Does it sound more like You and Ryan are coming off the
      same ignorant page? :D
  • What a Croc, Ryan! Showing Your Bias!!! ;)

    Ryan likes to yell "Fire" even before the match is
    ever lit! LOLz

    First off, "Drive-by" Exploits are nothing new for
    literally every single browser out there at some point
    in their life and this was done in a lab under ideal
    conditions before we have full release of the product.
    It's still Beta people!

    Second is that the Android Browser Base is the same
    exact code that makes up Chrome, Safari Browser on
    iPhone and OS-X. That being Open Source code developed
    by KDE (of KDE Desktop UI) called Webkit Browser
    Development Tools!

    There isn't a time in any Browser's Life that there
    isn't some kind of vulnerability or possible
    exploitable feature. Microsoft leaves many of these
    unpatched all the time even for years. Do we hear
    about that from Ryan? No! Firefox (OpenSource) keeps
    updated by far the best of any present browser out
    there. If they discover an exploit, they fix it

    Since Android is just getting out of the starting
    gate, there is nothing to be alarmed about here
    (except in Ryan's evil M$'ed mind). It'll get fixed
    sooner than he thinks, so he's yelling FIRE for

    But what's the reason for Ryan's yelling FIRE (that
    will most likely be fixed before half the comments get
    entered here)? None! He's doing it under a hidden
    agenda. That includes discounting anything other than
    his beloved Microsoft! Do you think he might be
    getting some greased palm action, from M$'s Billion
    Dollar Viral Marketing Funds? He'll never tell! ;)
    • Sigh....

      Amazing how bias works. Remember when the iPhone first came out and the whole country was in outcry over the same horrible disaster that had to be patched?

      Much ado was placed on that device and on Apples credibility for the same issues now experienced by Android. Also, it was about the same in-service time during their maiden voyage.

      Opinions are like statistics.... They can easily be altered to the benefit or dismay of the current device and those who use them.
      • Given enough information and statistics... can prove <i>anything</i>.
        Flying Pig
  • Bad writing, again!

    Since I had no idea what Android was before I read this article I'd like to stress once again that just a bit of background info would be nice in these blogs. The first paragraph should have stated that Android is the o/s running on the new google phones (if that's what it is!)
    • So True! Android Explained!!! :D

      Timeline goes something like this. Android was a Software
      Development firm in the Bay area. It had been started by
      several people who had been in the Mobile/Embedded Device
      Market before. Including the former CEO of T-Mobile. They
      were working on a Linux derived OS and it's software
      applications (as are those at Palm OS, Symbian OS,
      Blackberry Os and others).

      Android was subsequently bought by Google before product
      development was complete. They formed the Open Handset
      Alliance with a large number of those in the Consumer
      Electronics field. There are too many members to list, but
      to say Android has been developed exclusively for or by
      Google is a complete and utter exaggeration if not a
      misnomer to say the least!

      A number of the members are even bigger than Google (Intel
      for instance). They all have a hand in, on the development
      of Android with only the primary finances coming from
      Google. A far better name for it would be OHA Android. But
      Google is much more widely known. Since it's based off the
      Linux kernel and the code will remain Open Source, it can
      be better said to not be owned by anybody or best by

      Of course you know Linux itself is Open Source, but the
      kernel can be altered and made into a proprietary product.
      Nokia, who just bought Symbian are in the process of
      turning it back from Proprietary to Open Source. So the
      majority of Mobile Embedded Devices (including Cell
      Phones) actually run on some form of Linux derived OS
      kernel code. Along with NSA (National Security Agency)
      Developed Secure Linux Kernel that's incorporated into it's

      Top this all off with the simple fact that the
      "Application Programming Interface" API is OpenGL ES
      1.0/2.0 which is the largest distributed set of API's in
      the World. Few Cell Phones and even fewer Desktop PC's are
      devoid of at least some form of Khronos Group OpenGL API
      driver code (even Windows)!

      OpenGL and it's many new siblings are completely cross
      platform installable on literally every device you may
      come in contact with, that at least connects to the Web or
      has a graphical interface!

      It's what brings us all together whether we know it or
      not. From your iPhone, Blackberry, to the newest T-Mobile
      Google Android OS run Dream cell phone. It's what makes
      Android's Google Maps Street View even possible! It's what
      will have Game Console Quality Games and HD Movies playing
      on your Cell Phone in the future. What Khronos Group with
      OpenGL will be doing for us is Mind Boggling (to say the
      least), and it's far far from being just from Nvidia,
      Sony, Intel, IBM, AMD/ATI, Nokia, Google, STI, etc and so
      forth or just one member of Khronos Group or the OHA!

      And NOW with.....Android is a Completely New Open Source
      Platform that will run on most any mobile hardware device
      that OpenGL ES 2.0 can be installed on. After all it is
      not one company (Google). It is not even one entity, it's
      the beginning of an International Open Community of
      People/Users and it really belongs to US!!! ;)

      BTW ...I mentioned this for those pitting Apple against
      Google. Fact: Dr. Eric Schmidt CEO of Google is on the
      Board of Directors of Apple! Both Apple and Google are
      members of Khronos Group. Apple uses OpenGL under the same
      license as every other member and what this really points
      out (since their browsers were developed under the same
      Webkit Tools and many of their programs are going to be
      cross platform compatible, since they're Unix based), is
      the only difference will be ONE is Open and the other
      Closed (Apple iPhone)! Ride the Wave on Open Source, the
      Best Ride into Your Future!!!
      • The list of participants in the OHA Android project

        to which i2fun provides a link above is indeed impressive, but what here matters in terms of consumer confidence is how soon and how effectively the vulnerability is patched. It would be interesting to know how such matters are handled within the group ; i e, which firm(s) assume primary responsibility for dealing with problems of this type. Perhaps Ryan or Danilo or Adam could investigate this latter matter more closely and report back to us ? That, to my mind, would be constructive journalism....

  • Pity it doesn't activate the 'kill switch'

  • So safari is also at risk?

  • RE: Google Android vulnerable to drive-by browser exploit

    Thanks for the information, I passed it on my blog. You always have great postings.