People who use Android need to know about a harmful new Google Chrome bug since research shows it may affect millions of individuals worldwide.
Once more, people who like Android have received a warning about a new safety hazard. This time it affects Google Chrome browser, which is a leader in the market. Early this week, the Mountain View company presented patches for several severe anomalies. Allegedly, hackers ‘actively’ misused two of them. VC-2020-16010 is one of the weaknesses that affect Android devices. According to research, 50% of the people who use Android in the world were susceptible to this risk. The team members at Project Zero security reported Chrome’s weakness, which affects the browser’s Android version. This weakness is a result of a buffer overflow that is heap-based. It happens when Android Google Chrome produces malicious HTML content.
When this Google Chrome is effectively misused, the weakness can enable an attacker to compromise an Android device ultimately. Lookout mobile security experts have studied this weakness further and disclosed the considerable effect of a fruitful exploit.
Lookout stated that using the CVE-2020-16010 weakness could help a threat actor to move from the Chrome sandbox and enter the browser’s capabilities. It evades the need to root the device to damage it.
As a result, it would enable an evil actor to reach any browser’s capability, such as location information, camera and microphone, browsing history, etc. Lookout also carried out studies to check the number of people that this Google Chrome anomaly has impacted.
During their research, Lookout approximated that 50% of Android devices around the globe were using a Chrome version that is prone to the weakness. If it’s true, then a substantial number of Android users are in danger from this latest Chrome weakness.
Hank Schless, Lookout’s senior manager of security solutions, told Express.co.uk, ‘Due to this weakness’s magnitude and seriousness, Google immediately presented a patch in the Chrome App’s latest version immediately after noticing the CVE. At Lookout we comprehend the serious aspects of problems like this because we secure a broad mobile user base. 24 hours after Play Store availed Chrome’s updated version we noted that around 50% of Android users updated their app.’
‘The ones who have not updated the app either lack active automatic updates or have a device that is too old to sustain the updated software. Old mobile devices pose the same danger as out of date apps. To some extent, mobile hardware is unable to support the latest software.’
‘It makes the user’s personal or work information accessible to attackers who take advantage of the weaknesses patched in the mobile app or operating system’s later versions.’
Lookout utilizes an all-inclusive vulnerability and patch management database consisting of almost 200 million devices and more than 120 million apps. It is a significant sample of the total Android user base, which is used in their study (overall, it is more than two billion devices throughout the world).
Schless talks about how dangerous it is for Android users not to upgrade to the newest Chrome version. He says, ‘A fruitful exploit enables the actor to reach any of the Chrome browser’s capability.’
It includes a microphone and camera, browsing history, location data access, etc.
‘As each Android device has Chrome installed as the default browser, the danger extends to all Android users. Even if the device’s owner does not use Chrome as their default browser, the app’s outdated version makes them susceptible.’
Schless gave Android users tips on safeguarding themselves and said there is a simple step they can take; to ensure they update their apps and devices.
The Lookout security stated, ‘The simplest method to protect yourself from mobile weaknesses, in apps as well as operating systems, is to update to the newest version at all times.
‘Switching on automatic updates is the simplest manner of ensuring your device has the latest software. Mobile devices offer an novel and unique element of danger for personal and business users.’
‘Wherever we go, we carry our tablets and smartphones, trusting that they are completely safe.’
‘We believe in mobile devices as we use them throughout for work and personal jobs. However, it means that they carry an incredible amount of data about our work and our lives.’
‘This emphasizes how crucial it is to have each of your mobile devices installed with a mobile security tool. We all use anti-virus to protect our laptops and desktops. So, why not take similar measures on mobile?’
image Ink Drop / Shutterstock.com