Chrome Exploit Puts Android Smartphones at Risk

A security researcher who uncovered a high-risk exploit in Chrome for Android has received more recognition this week after demonstrating how the vulnerability works at a security conference in Tokyo. Late last year, Guang Gong, a researcher at 360 Total Security, uncovered a vulnerability that could be used by hackers to gain system server privileges on Android devices.

Yesterday during the PacSec conference in Japan, Gong demonstrated how the vulnerability could enable someone to gain control of a smartphone -- in this case, Google's new Nexus 6 -- through a vulnerability in Chrome's V8 JavaScript engine, and use it to install an application without any interaction by the phone's owner. To date, the bug has not been reported in the wild.

A Google spokesperson told us today that a fix will be released soon. "Congratulations to Guang Gong and thank you for ultimately making the Android and Chrome ecosystem safer and stronger," Google said. "The Chrome bug has been fixed and will go out in the next few weeks with the next version of Chrome."

Potential for Google Bounty

According to a report in The Register, the exploit demonstrated by Gong is notable because "it is a single clean exploit that does not require multiple chained vulnerabilities to work."

The article quoted PacSec organizer Dragos Ruiu as saying, "The impressive thing about Guang's exploit is that it was one shot; most people these days have to exploit several vulnerabilities to get privileged access and load software without interaction."

Gong's findings could earn him a potential bounty from Google. Under the terms of Google's current Android Security Rewards Program, the monetary award could include a base amount of $1,000 for uncovering a high-severity vulnerability, as well as additional rewards of $10,000 to $30,000 or more for exploits involving physical or remote access to a...
