New vulnerability Discovered in Chrome for Android

By on November 13, 2015

If you or your kids are using the latest Chrome Quihoo 360 version on Android, know that hackers have found a new way to exploit it according to a panel of tech bigwigs who met in Tokyo yesterday for the PacSec conference.

This means that anyone can hack into your phone and get full administrative access and have complete control of it without you knowing.

Yesterday at the conference, Chrome Quihoo 360 researcher Guang Gong demonstrated just that.  While most people have to exploit several vulnerabilities to get privileged access and load software without interaction,   Gong showed that as soon as the phone accessed the website, the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application ( a BMX Bike game) without any user interaction to demonstrate that the phone can be completely controlled. Google has been alerted and is working on a fix.

Meanwhile, Google has issued a notice recently that it is no longer issuing updates on Windows XP and Vista including OSX 10.6 Snow Leopard, OSX 10.7 Lion and OSX 10.8 Mountain Lion starting April 2016.

About Ted Tanaka