Are you an Android user? If so then this article is for YOU! A new Android vulnerability, which could allow attackers to view open Web pages on your Android Web browser or hijack your online accounts, has recently been uncovered, and may impact as many as 75 percent of all Android users.
Uncovered earlier in September this vulnerability affects any Android version below 4.4. The bug in the Android Open Source Project browser (or AOSP browser—a browser that Google no longer supports), could be exploited by an attacker, who finds a way of convincing an Android user to visit a malicious website. After exploiting the bug, an attacker could access any Web pages that are open in other windows on the browser, or they could steal a copy of the user’s session cookie and hijack the session, which could allow the attacker to gain access to a user’s other information, such as an email account.
Google has since released patches for this problem but only 25 percent of Android device owners use the latest version Android 4.4 KitKat, which means that the vast majority of users could be vulnerable, unless they have installed the updates.
So far, there have been no reports or evidence that anyone has exploited this vulnerability; but just to be on the safe side, follow the tips below to help keep your information private and secure.
What you can do to avoid getting hacked:
- Avoid using your AOSP browser for any reason.
- If you device supports it, upgrade your browser to Google Chrome. Chrome users are not affected by this bug.
- Don’t click on suspicious links on your phone.