Last week Independent Security Evaluators announced a flaw in Google’s Android Web browser system that could possibly allow a hacker to access information the WebKit browser might use. However, they didn’t release details of the exploit in order to give Google a chance to patch the flaw.
Although Independent Security Evaluators criticized Google for using older versions of a number of open source packages in creating its OS, it did admit that any exploit would be limited due to the “sandbox” construction of Android.
- Microsoft misses another Edge-related 90-day security disclosure deadline
- Researchers exploit flaws in two browsers installed on MacOS devices
- How Google’s ‘Project Zero’ task force races hackers to snuff out bugs
- Nowhere is safe now that AMD has suffered its own Meltdown
- Google found another critical security flaw in Microsoft Edge