News

Google no longer closes leaks in stock browser Android 4.3 and below

By admin
Spread the love

Google would no longer want to fix security vulnerabilities in older versions of Android’s default browser. This makes users of outdated devices especially vulnerable to cyber criminals.

According to The Wall Street Journal, it concerns the stock browsers of the mobile operating system up to and including Android version 4.3, which is also known as Jelly Bean. Google figures show that sixty percent of users with a Play Store app have an outdated version.

The browsers run on an old version of WebView, which is used for rendering pages. Google replaced that component in more recent versions with a variant based on the Chromium browser engine. Google allegedly told Rapid7 that browsers that don’t have that engine are too old to support it any longer. This concerns software on third-party devices.

Rapid7 develops the popular Metasploit hacker toolkit. That kit already offers exploits to attack, among other things, stock browsers with WebView. In addition, vulnerabilities for the stock browser regularly crop up. For example, last year up to and including version 4.3, it was vulnerable to a serious bug in which the websites could read the content and cookies of other web pages via javascript.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support