Skype released an update to its Android app this morning, remedying the vulnerability which exposed tons of personal info that we revealed last week. Our own Justin Case who originally found the issue has taken a look at the updated version of the app and confirmed that the exploit he developed to demonstrate the vulnerability no longer functions.
Specifically, Skype has changed the permissions of the databases (which contain the personal information) in question. Read More
Update #1: Skype is investigating the issue, we've been told.
Update #2: Skype's official first response can be found here.
The safety of our personal information is often a concern of mine - who has my email address, my phone number, my date of birth? How can I keep my private information safe while still enjoying the internet? These concerns have prompted me to take a deeper look at Android apps more than once, and often this can yield some frightening information. Read More
With a great plugin comes great responsibility - to avoid malicious Flash files, that is. A zero-day exploit has been discovered in Adobe Flash that affects all Android versions of the software, Adobe announced today.
The most common vessel for the exploit is (fortunately) a Microsoft document (.doc) email attachment with an embedded Flash file (.swf) - and I'm not aware of any Word document viewers/editors in Android that support embedded Flash. Read More