Webkit mono-culture strikes as major browser vulnerability affects iPhone, Android and Blackberry


28, 2012

Author Surur // in News

An often heard refrain is that Microsoft should stop trying to develop its own browser rendering engine and just capitulate to webkit, the browser engine used in most of the mobile web.

Microsoft’s stubbornness is paying off today, as George Kurtz, CEO of the new security company CrowdStrike warned of a new vulnerability affecting all Webkit Mobile browsers which could give malware complete control of your phone.

He warned the malware could listen in on your conversations, view through your camera, track your location and record everything in your email and messages, and that devices can be infected by simply visiting a malicious website. Devices would even potentially be infected by SMS messages.

Kurtz has some credibility, having discovered the Chinese Shady Rat operation that compromised US government and defence contractors in 2011  while he was CTO at McAfee. He left that company after the Intel acquisition.

Kurtz is set to demonstrate the vulnerability at the RSA security conference tomorrow, but until the issue is fixed he said there is not much users can do except not to click on untrusted links and wait for updates, something which on Android especially can be an issue.

Kurtz confirmed Windows Phone 7 was unaffected.

Read more at Computer World UK here.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}