The Google Chrome browser for Android has a critical security exploit discovered by IT security experts, through which any version of Android can be exploited.
A Chinese researcher demonstrated this exploit during a PacSec conference, and with his help any version of Android in which the vulnerable Google Chrome is installed can be compromised by hackers without the user knowing exactly what is happening.
Without providing details about the exploit, the researcher stated that Javascript v8 vulnerabilities are used to take over administrator rights in the victim's Android operating system, so we are talking about a major problem, the browser being installed in extremely many terminals.
The most interesting part of this exploit is that it can exploit the operating system using a single vulnerability and not multiple vulnerabilities, as happens in most hacks or jailbreak solutions, so we are talking about a major problem for Google.
The impressive thing about Guang's exploit is that it was one shot; most people these days have to exploit several vulnerabilities to get privileged access and load software without interaction. As soon as the phone accessed the website the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a BMX Bike game) without any user interaction to demonstrate complete control of the phone.
Practically, when a user accesses a website that has the Javascript v8 vulnerability implemented, an application of any hacker can be installed automatically without the user knowing, but things will not be as serious as they seem at first glance.
Google will pay a serious amount of money to the security researcher who discovered this exploit, and Google Chrome will be updated to fix the problem, but it remains to be seen how many users will install the update to be protected before a hacker. to discover the exploit himself.
