Palm patches WebOS snooping vulnerability
2010
NEWS
Palm has fixed the reported snooping vulnerability that allows a specially-crafted vCard to record and transmit conversations to a remote location.
Read this
Photos: Palm Pre and WebOS
Palm stole the show at CES, revealing the Pre smartphone and WebOS operating system
Read more
The flaw, which allows a perpetrator to control the recording of phone calls at will and sends them back to the source of the rogue vCard, was reported to Palm in May, according to Alex Fidgin, director of MWR InfoSecurity, the company that discovered the vulnerability.
In a brief updated statement, Palm contacted ZDNet UK on Friday to say that “the current version of WebOS fixes the security vulnerability reported to Palm”. WebOS 1.4.5 is available to users over the air.
A Palm spokesperson had previously said the company was investigating the security risk but would “not comment on specific security enquiries”.
The researchers at MWR also discovered a vulnerability in the Google Android mobile operating system that allowed the web browser to be exploited if pointed at a malicious web page, resulting in the divulgence of personal details such as usernames, passwords and other sensitive credentials.
Google says the hole was patched in version 2.2 of the Android OS, otherwise known as Froyo.
Similar Posts:
- Android ‘Snake’ Trojan harvests GPS data
- HP Talks Up webOS Netbook, Just in Time for February 9 Press Event
- Google Chrome update addresses high-severity flaw
- Intel x86 Android 2.2 port due in next two months
- Some Palm Pre Profiles Get Lost in the Cloud
Comment