We all know how popular the Android OS is and how widely its app are used. According to the report, the Google mobile OS has well over two billion monthly active users. Every piece of device running the OS, comes pre-installed with a number of Google apps and services.
A security expert discovered a shock issue with one of these Android apps and has warned users about it. It is believed that the default Google Chrome browser, comes with security vulnerability. An expert at Nightwatch Cybersecurity discovered that the Android version of Chrome could leak details about your device. Information about the device hardware, firmware version and security patch level could be leaked.
These information according to Shafranovich could be used to track users and fingerprint device. Yakov Shafranovich via an online post said;
Google’s Chrome browser, WebView and Chrome Tabs for Android disclose information about the hardware model, firmware version and security patch level of the device on which it is running. This also affects any Android applications that are using Chrome to render web content. This information can be used for tracking users and fingerprint devices.
Shafranovich said that the problem was discovered back in 2015.
While the vendor (Google) rejected the initial bug report in 2015, they had issued a partial fix in October 2018 for Chrome v70.
The fix hides the firmware information while retaining the hardware model identifier.
All prior versions are believed to be affected. Users are encouraged to upgrade to version 70 or later.
Since this fix doesn’t apply to WebView usage, app developers should manually override the User Agent configuration in their apps.
This information is coming after the shocking Facebook massive data breach, which has left the company in a deep mess.