HTC Will Issue Fix for Phone Data Exposure Flaw
The makers of the HTC Android smartphone are investigating reports of a vulnerability that exposes personal user data to all Internet-connected applications. The flaw affects several different models of the devices. The problem lies in a program called HTCLoggers.apk, which was recently added and logs large chunks of phone data. The vulnerability has the potential to expose email addresses, GPS locations, SMS data and system logs. HTC plans to issue a fix for the problem.
Google has released Chrome 14.0.835.202 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google
Chrome Releases blog entry and update to Chrome 14.0.835.202.
US-CERT: United States Computer Emergency Readiness Team