Android device fans have now been alerted after a recent shocking issue took the user community by storm. The issue has surfaced with popular Google app. Android ranks as one among the highly used software pieces in the globe flaunting 2 Billion+ active devices running the Google mobile operating system each month.
This hugely acclaimed OS comes with several preloaded Google applications that can be used by the consumers as they turn their devices on. The security experts for Google recently discovered a shocking issue with one among its Android applications. Google Chrome stands as the default browser for any android based system.
The experts at the Nightwatch Cybersecurity found a vulnerability in Android version for Chrome that might leak significant details of the device. Critical information related to the hardware model of the device, firmware version, as well as security patch type could get leaked pending this issue. Yakov Shafranovich, the online researcher for Nightwatch mentioned that Google’s WebView, Chrome Browser, and the Chrome Tabs meant for Android could disclose the information related to hardware model, level of a security patch, and the firmware version of the device in which it has been operating.
This also tends to affect any of the Android applications which have been using Chrome for rendering web content. This leaked information can also be used to track the users and fingerprint devices. Shafranovich also warned that this can also be used for determination of the vulnerabilities affect any particular device for targeting larger exploits. The researcher mentioned that this problem was actually discovered way back in the year 2015.
He mentioned that Google has initially rejected this bug report that was provided in the year 2015. The company had issue partial fix during the month of October 2018 which was meant for the Chrome v70. This fix actually hid the information of the firmware while retaining the identifier for its hardware model.
All the prior versions of Google have been believed affected by the same. Users have been encouraged for upgrading the current version they have to at least “Version 70” or the later ones. Given the fact that this fix actually works for Android devices and don’t actually apply for the WebView usage, the application developers need to manually override User Agent Configuration for their apps.
Apart from this, news of fake apps reported over the Google Play Store has surfaced. These applications had disguised themselves in the form of scanners PDF readers, as well as converters.