Chrome Allegedly Gives Root Access to Virtually Any Android Device

Category: Technology

A critical vulnerability in Chrome for Android has been reported that makes it possible for attackers to take over a device. The vulnerability was demonstrated at the MobilePwn2Own, PacSec conference in Tokyo. The researcher believes that the vulnerability affects all versions of Android capable of running the latest version of Chrome. Qihoo 360 researcher Guang Gong showcased the exploit. The vulnerability resides in JavaScript v8, Google's open source JavaScript engine. For the vulnerability to be exploited, users needs to be tricked to visit a malicious website using Chrome Web browser. An attacker is then able to install an arbitrary application and gain the full privileges of the device. He noted that the attack was "one shot exploit," essentially meaning that just one vulnerability was enough to perform the attack. The exploit worked on many other devices as well, said Dragos Ruiu, the organiser of PacSec. "The impressive thing about Guang's exploit is that it was one shot; most people these days have to exploit several vulnerabilities to get privileged access and load software without interaction," Ruiu told Vulture South. "As soon as the phone accessed the website the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a BMX Bike game) without any user interaction to demonstrate complete control of the phone." Working details of the vulnerability haven't been disclosed, and Ruiu said that Google had been made aware of the vulnerability. Horrid checkbox download bundlers drop patch-frozen Chrome The public service announcement is simple: only install browsers from their vendors' sites, because software attics are planting malware. A download bundler has been caught unloading junk that will kill user's browser updates across the likes of Google Chrome, Firefox, and Internet Explorer. The bundler - part of what amounts to nothing short of a shameful software scourge on end-user security foisted by commercial file attics - is dropping an old version of Google Chrome and switching off automatic updates. That move not only exposes users to vulnerabilities patched in newer versions of Chrome but ensures they are open to attacks from new exploits that they will not receive. The DynamicPricer adware will drop its JavaScript guts into the Chrome's Windows AppData folder which will be loaded when Chrome executes. Malwarebytes security man Pieter Arntz sought the bundler but could only find a stand alone installer which attempted but failed to hijack and downgrade Firefox and Internet Explorer. El Reg has seen Chrome updates freeze, as a result of commercial download bundlers which were wrapped around otherwise benign software. Those bundlers are encountered on legitimate file houses and not on what most users would regard as shady or warez sites. Bundlers are designed to fool users into installing extra software by checking tickboxes by default and including difficult-to-find text. This is done with the knowledge that most will rapidly click next which will both install the software they seek and the additional crapware. Not only does this possibly expose users to adware or malware, but it also increases a user's attack surface because there is more software installed on their machine from probable lousy software houses.