Vulnerability in Apache Cordova app framework uncovered that potentially affects 5.6% of all Google Play apps.
Exploit demonstration:
Apache have since released an official bulletin:
"A major Security issue were discovered in the Android platform of Cordova. We are releasing version 4.0.2 of Cordova Android to address these security issues. We recommend that all Android applications built using Cordova 4.0.x or higher be upgraded to use version 4.0.2 of Cordova Android. If you are using an older version of Cordova, we have also released 3.7.2 with the same fix, and we recommend that you at upgrade your project to either of these fixed versions. Other Cordova platforms such as iOS are unaffected, and do not have an update."
0 comments:
Post a Comment