Google to fix Android security flaw

Google to fix Android security flaw
Google has announced today that it is currently fixing an Android security flaw that was brought to the public's attention last week by German researchers.

The group explained on Friday that some Google account authentication tokens were apparently being sent OTA unencrypted, leaving users with their data freely available if they were on public Wi-Fi.



Hackers using simple software could steal account info for Google Calendar, Contacts and Picasa accounts.

Users with Android 2.3.4 are free of the issue, but 98.4 percent of Android devices run Android 2.3.3 or lower, making the fix useless for the vast majority.

Google has begun rolling out the server-side patch this week for Android 1.5 - 2.3.3, and it will be completed by the end of the week.

Says Google, via CW:

Today we're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days.


Written by: Andre Yoskowitz @ 18 May 2011 14:38
Tags
software Google patch Android
Advertisement - News comments available below the ad
  • 2 comments
  • biglo30

    Thats what I like about google, they are quick to react and get this exploit fixed.

    18.5.2011 23:19 #1

  • hearme0

    Originally posted by biglo30: Thats what I like about google, they are quick to react and get this exploit fixed.

    What????..............and Microsoft isn't???????

    C'mon, it only took MS 10 years to figure out that security breaches need to be fixed.

    19.5.2011 12:03 #2

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud