A new Chrome failure may compromise any Android smartphone
It has always been said that it never rains but it pours, and in the case of security and Google’s operating system we can say it is true. Since the arrival of StageFright in two variants and now this new problem. The issue of security in Android is an increasingly sensitive issue since these StageFrigth crisis. Thus, a researcher from Quihoo 360 has recently discovered a new bug in Chrome that can affect most Android devices on the market, including newer models, if the user visits an infected platforms.
The researcher who discovered the exploit is Guang Gong, which was rewarded by PacSec, who invited him to the CanSecWest security conference in March next year to present his study on this new bug in Chrome. In addition, Google also probably pay a reward for the discovery of the error. Guang was in contact during the event with the security officer of the Mountain View company, who took into consideration his work.
The work to discover this vulnerability takes him more than three months. That is, to demonstrate that this Chrome failure has established an efficient method. With a Nexus 6, after visiting a mixed site with the uncomplicated malicious script was able to assume full control of the smartphone. In the demonstration, Guang installed a game without permission, but the danger may be much higher depending on who takes control.