Android phones using Bing under threat
Cyber security sleuths have alerted Android software based mobile phone users against a suspicious activity being detected in the commonly used search engine 'Bing' on Internet-enabled communication devices.Updated: Feb 18, 2014 16:10 IST
Cyber security sleuths have alerted Android software based mobile phone users against a suspicious activity being detected in the commonly used search engine 'Bing' on Internet-enabled communication devices.
Terming the severity of the malfunction as "medium", the Indian cyberspace security agencies have alerted users that a possible attack of the virus could "compromise" sensitive information of the owner stored on the phone.
The systems that is found affected is the 'Microsoft Bing version 4.2.0 and prior on Android'.
"Arbitrary code execution vulnerability has been reported in Microsoft Bing for Android which could allow remote attackers to execute arbitrary code and install arbitrary APK (Android application package file) on Android devices," an advisory issued by the Computer Emergency Response Team-India (CERT-In) said.
The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian internet domain.
Describing the abnormal activity, the agency in its latest advisory said "a flaw has been reported in Microsoft Bing for Android which could trigger while handling DNS (domain name system) responses on an insecure network."
"An attacker could leverage this issue to executing arbitrary code within the context of the application. Successful exploitation of this vulnerability could allow an attacker to install arbitrary APK files via vectors involving a crafted DNS response, leading to the compromise of the device and resulting in information disclosure," the agency said.
Cyber security experts said Android phone users taking the help of Bing to surf the Internet should update their existing versions and deploy proper anti-virus on their systems.
First Published: Feb 18, 2014 16:05 IST