Google Fixes Rooting Vulnerabilities In Android

itwbennett writes: Google released over-the-air firmware updates for its Nexus devices Monday and will publish the patches to the Android Open Source Project (AOSP) repository by Wednesday, fixing a new batch of vulnerabilities in Android that could allow hackers to take over devices remotely or through malicious applications. The new patches address six critical, two high and five moderate vulnerabilities. The most serious flaw is located in the mediaserver Android component, a core part of the operating system that handles media playback and corresponding file metadata parsing.

Re:Ask Slashdot :

[110010001000]

A lot. Since he is using text messaging, he can receive a MMS. This MMS can do anything to your phone because of the bugs. You don't even need to open the MMS. You cant prevent getting a MMS if you have text messaging enabled. Also, Google logs everything you do on your phone, so that is a risk as well. Personally I would avoid smart phones entirely if you are worried about security or privacy. Since he never connects to the Internet and never does MMS a simple flip phone will do for him.

Re:Ask Slashdot :

[110010001000]

The default setting is on for MMS apps including the built in Google ones. "but so long as one turns off auto-retrieving MMS files, you're in no danger from it" The vast majority of people aren't going to do this. He is in danger even if he doesn't think he is receiving MMS, because they receive MMS automatically by default. And yes, Google tracks you server side. You cannot turn off the tracking. You are naiive if you think you can.