Android browser found to have big security flaw


A huge security flaw has reportedly been found in Android's browser, and as many as half of users could be at risk, reports ConsumerAffairs.

The problem has apparently been around since last month, but was more recently written about by IT security firm Rapid7 in a blog post. Dubbing it a "privacy disaster," the firm claimed that one of its researchers has been able to exploit the flaw, and that it puts users at serious risk of having their data stolen.

Earlier in September, Rapid7's Joe Vennix said: "I did not believe this at first, but after some testing it seems true: in AOSP browser before Android 4.4, you can load javascript into any arbitrary frame or window [...]"

This "arbitrary website" could be one controlled by a spammer or hacker, according to the blog post, and would allow outside eyes to view the page a user is currently browsing. It could also allow the same attacker to copy session cookies or even interact with something like webmail.

Browsers ordinarily enforce the Same-Origin Policy, which prevents a website from reading or interacting with content loaded from another site, but this bug in the Android browser bypasses that protection and leaves users open to attack.

"Any arbitrary website (say, one controlled by a spammer or a spy) can peek into the contents of any other web page," the blog post continues.

"Imagine you went to an attacker's site while you had your webmail open in another window: the attacker could scrape your e-mail data and see what your browser sees. Worse, he could snag a copy of your session cookie and hijack your session completely, and read and write webmail on your behalf."
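To make the Same-Origin Policy described above concrete, here is an added example (not code from the article, from Rapid7, or from the Android browser) that models the origin check a correct browser applies before letting script in one window read the document of another. Origins are compared as a scheme/host/port tuple; the frame names, URLs and document contents are constructed sample data, and the `BrowserModel` class is a simplified stand-in for the browser, not a real API.

```javascript
// Added example: a model of the same-origin check that browsers apply
// before letting script in one frame or window read another's DOM.
// Illustrative only; this is not the AOSP browser's implementation.

// Resolve a URL to its origin tuple (scheme, host, port). Default ports are
// filled in per scheme, so "http://a.example" and "http://a.example:80"
// compare as the same origin.
function originOf(urlString) {
  const url = new URL(urlString);
  const defaults = { 'http:': '80', 'https:': '443' };
  const port = url.port || defaults[url.protocol] || '';
  return { scheme: url.protocol.replace(/:$/, ''), host: url.hostname, port };
}

// Two documents share an origin only if all three components match exactly.
// A subdomain (api.webmail.example vs webmail.example) is a different origin.
function sameOrigin(a, b) {
  const x = originOf(a), y = originOf(b);
  return x.scheme === y.scheme && x.host === y.host && x.port === y.port;
}

function originLabel(u) {
  const o = originOf(u);
  return `${o.scheme}://${o.host}:${o.port}`;
}

// Minimal model of a browser with several open windows. Each window has a
// URL and a document body (constructed sample data, not real pages).
class BrowserModel {
  constructor() { this.frames = new Map(); }
  open(name, url, content) { this.frames.set(name, { url, content }); }

  // Script running in `fromFrame` asks for the document of `targetFrame`.
  // A correct browser grants access only when the two origins match;
  // the bug the article describes is this check failing to deny.
  readDocument(fromFrame, targetFrame) {
    const src = this.frames.get(fromFrame);
    const dst = this.frames.get(targetFrame);
    if (!src || !dst) throw new Error('unknown frame');
    if (!sameOrigin(src.url, dst.url)) {
      return {
        allowed: false,
        content: null,
        reason: `cross-origin access denied: ${originLabel(src.url)} -> ${originLabel(dst.url)}`,
      };
    }
    return { allowed: true, content: dst.content, reason: 'same origin' };
  }
}

// Worked scenario: a webmail window open alongside an unrelated site.
function demo() {
  const b = new BrowserModel();
  b.open('mail', 'https://webmail.example/inbox', 'inbox: 3 unread (constructed)');
  b.open('other', 'http://unrelated.example/page.html', '<h1>some page</h1>');
  b.open('compose', 'https://webmail.example:443/compose', 'draft (constructed)');
  return {
    // unrelated.example trying to read the webmail document: denied
    crossOrigin: b.readDocument('other', 'mail'),
    // two webmail windows on the same origin: allowed
    sameOrigin: b.readDocument('compose', 'mail'),
  };
}

module.exports = { originOf, sameOrigin, BrowserModel, demo };
```

Running `demo()` shows the two outcomes side by side: the unrelated site's request for the webmail document is refused with a cross-origin reason, while the second webmail window on the identical origin is allowed to read it. The explicit default-port handling matters because a naive string comparison of `url.port` would wrongly treat `https://webmail.example` and `https://webmail.example:443` as different origins.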

A report on the issue from Ars Technica estimated that around half of Android users could potentially be affected by the problem, saying:

"Android Browser is likely to be embedded in third-party products, too, and some Android users have even installed it on their Android 4.4 phones because for one reason or another they prefer it to Chrome."

Caroline Preece

Caroline has been writing about technology for more than a decade, switching between consumer smart home news and reviews and in-depth B2B industry coverage. In addition to her work for IT Pro and Cloud Pro, she has contributed to a number of titles including Expert Reviews, TechRadar, The Week and many more. She is currently the smart home editor across Future Publishing's homes titles.

You can get in touch with Caroline via email at caroline.preece@futurenet.com.