Is 2015 destined to go down in history as the year we all started developing a healthy sense of fear about the state of smartphone security? Exploits like Stagefright have exposed an unprecedented number of handsets to possible attack, and every time the powers that be patch one vulnerability, it feels like we’re hearing about a new one popping up. The latest to come to our attention threatens to compromise any Android device running recent versions of Chrome, gaining full control of the platform when the user visits a malicious website.
With Chrome so pervasive on Android phones and tablets, this means that a huge percentage of the current Android user base is potentially exposed.
The good news is that as an app-based vulnerability and not one baked into the system like Stagefright, this one will hopefully be a lot easier to patch – and get that patch out to users everywhere. There’s also the critical detail that the full specifics of this exploit haven’t yet been publicly revealed, so it may well be patched before malware authors ever have the chance to take advantage of it.