New Browser Vulnerability Discovered In iOS, Android And BlackBerry Can Give Malware Complete Control Over Your Phone
Security, or the lack of it, is very much a hot button topic these days, and nowhere more so than in the mobile space. It seems things may be getting worse before they get any better.
It seems we can’t go longer than five minutes these days without some new security or privacy scare threatening to turn the smartphone world on its head, and the latest is possibly more worrying than most.
The issue that may or may not raise its ugly head has come about because most smartphone browsers tend to all be based on the same architecture, with WebKit the underlying software beneath iOS’s Safari, Android’s built-in Android browser and the BlackBerry PlayBook’s tablet browser. The problem with that is that when a vulnerability affects one, it tends to affect them all.
That’s exactly what is happening here. Security firm CrowdStrike is planning on spilling the beans on just what the exact vulnerability is at the RSA conference that begins on Wednesday, but from what we gather the issue is that a WebKit exploit could allow the remote execution of code on infected systems, and that infection can come from simply clicking a link on a web page.
Obviously this is only half of the problem, and there would need to be a payload in order for anything too untoward to happen. The problem is, CrowdStrike claims that it has already managed to adapt some existing Android malware to be delivered in this way, which causes more concern right off the bat.
The news that existing Android malware could be used in conjunction with this vulnerability obviously suggests that Google’s OS is at more risk than others, but this does not mean that Apple, RIM and everyone else can rest on their laurels and hope nothing goes wrong. We’d expect to see updates being pushed out by everyone sooner rather than later, depending on what CrowdStrike has to say at the RSA conference and just how easy this particular hole is to plug.
Let’s cross our fingers and toes that it isn’t a biggie, but until then let’s not reach for the panic button just yet. At least, not until we know exactly what we are dealing with.