Jan 31st, 2011

A researcher from North Carolina State University has uncovered a bug that we thought would be squashed by now: users are still allowed to access the contents of a user’s microSD card simply by having them visit a malicious webpage with Javascript enabled.

It’s the same bug that Google was said to have fixed a while ago, but the researcher states that their work around is just as vulnerable as the initial vulnerability. Thankfully, Google’s working on an update and worries should be quelled once they begin distributing it. Let’s hope that the “fix” actually fixes things this time around. [via Engadget]