Research Login

Click here to get to the Research Community

Experton Group News

New IE Bug Unpatched; 1/4 of AV Apps Not Installed or Working Properly

AT&T to Develop Femtocells; Verizon Increases rate of LTE Development

Partner Matters

Cisco and HP News

Not one but two new Bluetooth standards promised for high data rates

New Security Products/Services to Protect Dramatic Increase in Security Activity

Virtual Desktops are Virtually Here

Monthly Research Update

Experton Group Weekly IT News

Bug in G1 Android Phone; Hackers Publish Windows Attack Code

By: Jerald Murphy

Security researchers recently found and published a security vulnerability in T-Mobile USA Inc.'s G1 smart phone that exploits a weakness in Google, Inc.'s Android operating system. In other news, a group of hackers published an exploit that Microsoft Corp. recently did an out-of-cycle emergency security patch for, while a published research paper uncovered a new way to force valid applications to become platforms for security exploits.

Focal Points:

Security researchers have uncovered a vulnerability in the Android operating system that can be used to hack into T-Mobile G1 smart phones. The people that discovered the bug did not come out with details on how to exploit the weakness, but did state that the problem was related to buffer overflow conditions that could trick users into going to malicious sites. The G1 is the first phone sold that is based on the Google Android operating system. The researchers notified both vendors of the flaw, and will not release more details until a patch has been installed. Android uses over 80 open source packages, and the vulnerability is in an older version of one of these packages that Google put into its mobile operating system. A similar problem happened with Google when they used an older version of WebKit in building its Chrome Web browser.
Hackers recently published attack code for the new bug that was recently discovered in Windows Server 2003, Windows XP, and Windows 200. The bug makes it possible to perform remote code execution in those systems. The out of cycle patch came about when Microsoft officials learned that the exploit code existed, and that the code was published on the Web. While Microsoft officials confirmed the existence of the exploit code, their own research with the code always resulted in a denial of access to services. Officials further stated that they have seen limited attacks on the Internet, even in the presence of the newly published exploit code. Officials said that users that put on the patch in MS08-067 are protected against the published exploit.
A new research paper published by researchers from the University of California at San Diego (UCSD) described a technique that allows hackers to bypass built-in system defenses that are designed to block malware, enabling hackers to execute rogue instructions directly from inside the attacked application. This can then cause the application to attack the system it is running on. One scenario described by researchers is to force a Web browser to spam the address book of a user with the actual browser code.

Experton Group believes more security exploits are going to be found on Android, given the large amount of public open code that is used in the system that is easily accessed by hackers to develop custom exploits. The new researched method for embedding exploits into legitimate code is far more worrisome, and will require IT executives to work with security personnel to develop a new way to continuously check for application vulnerabilities.

<- Back to: Home