There’s more bad news for the Android ecosystem from a security perspective. Guang Gong, a security researcher employed by Quihoo 360, has presented findings at this year’s PacSec conference in Tokyo that demonstrates a serious vulnerability in the Android platform. The vulnerability that can easily be exploited by those with the correct knowledge is accessible thanks to a gaping security oversight in Android’s native Chrome browser, but is made even more terrifying by the fact that it applies to every single version of Android with the latest version of Chrome installed.
What further adds to the scare posed by this vulnerability, is the relative ease and speed with which it can compromise a device no matter what version of Android or Chrome browser its running.
PacSec organizer Dragos Ruiu, who was present on the PWN2OWN panel that was privy to the presentation given by Gong, discussed the sophistication of the techniques used:
(Source: The Register)