affiliate sing up form

Personal Information
Additional Information

Ali DP plugin

AliDropship is the best solution for drop shipping

forex

AliDropship is the best solution for drop shipping

Search This Blog

AliDropship is the best solution for drop shipping

DIGITAL ADVERTISING & SERVICES

Choose your plans

Emerald Palace Kempinski Dubai

Car Hire

amazon

Subscribe for New Post Notifications

Newsletter

Google fixes vulnerability in Chrome for Android – over three years after it was reported

via TechRadar - All the latest technology news http://bit.ly/2SyrfSv Google has quietly fixed a security flaw in Chrome for Android that wa...


via TechRadar - All the latest technology news http://bit.ly/2SyrfSv

Google has quietly fixed a security flaw in Chrome for Android that was originally reported more than three years ago.

As reported by ZDNet, the vulnerability was found by bug-hunters at Nightwatch Cybersecurity in May 2015, but wasn't addressed until Google's security staff realized that it was, in fact, a threat.

The flaw means that the mobile browser leaks information about the device it's running on, including the hardware model and firmware version – and therefore its security patch level. Chrome for desktop doesn't suffer the same issue.

Too much information

Browsers send various pieces of information to web servers as part of their normal operation, including details of the browser itself, other apps currently running, and the operating system. Unfortunately, Chrome for Android also sent the device name (such as C6606) and firmware build.

The device name might look random, but it correlates to a specific device model, and can be found easily online in readily available lists. For example, device name C6606 would be a Sony Xperia Z.

That's a security issue in itself, but the accompanying leaked firmware details are the biggest problem. 

"For many devices, this can be used to identify not only the device, but also the carrier on which it is running and from that the country," said Nightwatch Cybersecurity. "Build numbers are easily obtainable from manufacturer and phone carrier websites such as this one."

The build number can also tell attackers the device's security patch level, thereby letting them know which attacks it could be vulnerable to.

Google released a partial fix with Chrome 70 in October 2018, but the browser still releases device names and two Android components (including WebView, which is the built-in browser used by apps like Facebook) still leak the firmware build number.

COMMENTS

EDUCATION$type=complex$count=4

Name

1988 Atlantic hurricane season,1,2017–18 Bergen County eruv controversy,1,All things,1,Amazon,89,Amazon.com: Best Sellers,14,Amazon.com: Best Sellers in Beauty & Personal Care,14,Amazon.com: Best Sellers in Clothing,61,Analisi Fondamentale,4,Analisi tecnica,9,Andrea Doria-class battleship,1,apple,51,Apple Newsroom,51,article of the day,198,Automated analytical tool for your forex trading account,292,Banded stilt,1,Battle of Verrières Ridge,1,bbc news,5128,BBC News - World,5128,beauty,14,Beta-Hydroxy beta-methylbutyric acid,1,Britomart Redeems Faire Amoret,1,Buckton Castle,1,BUISNESS,128,business,653,C. R. M. F. Cruttwell,1,car insurance,1,Cloud (video game),1,Cooperative pulling paradigm,1,DailyFX - Feeds all,301,DailyFX - Forex Market News,145,digital marketing,2,Dilophosaurus,1,Discovery Education,151,Education,359,education Learning In Wonderland,21,Education Week: English Language Learners,17,Emily Davison,1,Equestrian statue of Edward Horner,1,ESPN,73,Euryoryzomys emmonsae,1,Fantasy Book,1,fashion,30,Ford Piquette Avenue Plant,1,forex,2,Forex Calendar,292,Forex Market,145,Forex news,11,FOX NEWS,246,Fundamental Analysis,4,FX Analyst Articles,301,Gadgets360 RSS Feeds : RSS Feed - NDTV Gadgets360.com,4411,Grand Duchess Anastasia Nikolaevna of Russia,1,Happy Chandler,1,Harry R. Truman,1,Hilary of Chichester,1,Hogwarts Express (Universal Orlando Resort),1,Hurricane Daniel (2006),1,Ice drilling,1,IFTTT,508,internet marketing,1,Interstate 80 in Iowa,1,King Island emu,1,latest news,7786,Law,1,law.,1,M-35 (Michigan highway),1,market,623,Megalodon,1,Meteorological history of Hurricane Gordon,1,Moneycontrol Technology News,491,Monroe Doctrine Centennial half dollar,1,Monroe Edwards,1,More Hall Annex,1,Nat Geo Education Blog,67,National Geographic Education Blog,99,Nelson Mandela,1,Neville Chamberlain,1,news,5914,Nigel Williams (conservator),1,Nike-X,1,Norma (constellation),1,Norodom Ranariddh,1,Notizie Forex,11,Ontario Highway 61,1,Percy Grainger,1,Peter Jeffrey (RAAF officer),1,Pioneer Helmet,1,Ramesses VI,1,reviews TechRadar - Technology Reviews,2,Russulaceae,1,Science-Fiction Plus,1,SEO,1,Shoes & Jewelry,61,Shorwell helmet,1,Simone Russell,1,Small-toothed sportive lemur,1,Snoring rail,1,Social forex community,292,Social media marketing,1,Somerset Levels,1,South Carolina-class battleship,1,SPORT,61,Stefan Lochner,1,stock,1,Suillus spraguei,1,Teach123,5,tech,3834,tech reviews,3465,TECH TechRadar - All the latest technology news,23,Technical analysis,9,Technical Analysis DailyFX - Technical Analysis,65,technology,198,techology,379,TechRadar - All the latest technology news,6015,TechRadar - Technology Reviews,1085,the new york times,2658,The Portage to San Cristobal of A.H.,1,Trade,1,vr,1,Wally Hammond,1,Waterloo Medal (Pistrucci),1,weight loss,2,Westminster Assembly,1,wikipedia,198,X-10 Graphite Reactor,1,
ltr
item
TECHNICAL MUKHTAR: Google fixes vulnerability in Chrome for Android – over three years after it was reported
Google fixes vulnerability in Chrome for Android – over three years after it was reported
https://ifttt.com/images/no_image_card.png
TECHNICAL MUKHTAR
https://technicalmukhtar.blogspot.com/2019/01/google-fixes-vulnerability-in-chrome.html
https://technicalmukhtar.blogspot.com/
https://technicalmukhtar.blogspot.com/
https://technicalmukhtar.blogspot.com/2019/01/google-fixes-vulnerability-in-chrome.html
true
709309995759877420
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy