Sep 20th, 2011

About a month ago, two Android researchers were able to find two vulnerabilities within the Android OS that have yet to be addressed or patched up by Google in the latest Android updates. What exactly are these vulnerabilities?

Well, the first bug is called a “permission-escalation vulnerability” and apparently, it affects all Android users. The exploit allows for an app to be installed without a user approving of the permissions typically required when installing an app. For instance, say you were to install a seemingly harmless (but infected) app from the Market. A hacker could then use this vulnerability in Android to gain additional malicious permission privileges after an install.

The second exploit is known as a “Linux kernel privilege escalation” and it allows for an unprivileged application to escalate or gain privileges and gain full control over a device.

Last year, Jon Oberheide, one of the researchers who discovered these 2 vulnerabilities, was able to upload an app disguised as an “Angry Birds expansion pack” into the Android Market. Once downloaded, without any user knowledge or input, the expansion pack was able to install three additional apps that monitored a phone’s contacts, location information and text messages. That data could then be transmitted to a remote server. Jon “O” had this to say,

“The Android Market ecosystem continues to be a ripe area for bugs. There are some complex interactions between the device and Google’s Market servers which has only been made more complex and dangerous by the Android Web Market.”

Both Oberheide and his fellow researcher Zach Lanier plan to speak more about these Android vulnerabilities at a two-day training course taking place at the SOURCE conference in Barcelona later this year. You can find a video from Oberheide showing off these Android bugs on his Nexus S down below.

[Via TheRegister]