Android devices with NFC chips are vulnerable to remote takeovers via a small device that, when “paired” with a smartphone or tablet, executes malicious code to gain access to the affected handset. This flaw in the Android browser was revealed during the Black Hat security conference in Las Vegas this week, and the discoverer of the flaw is using the opportunity to encourage Google to fix the problem as soon as possible.
In fact, the problem is already fixed in Jelly Bean, which comes with Chrome as a default browser. The problem is that millions of devices are stuck on Gingerbread, while Ice Cream Sandwich still uses the stock Android browser by default. Once the majority of customers move over to Chrome for Android, the problem will sort itself out.
As a result of these potential harmful exploits, many security experts are advising companies to steer clear of Android unless the handsets are running the latest version of the operating system.