http://blog.trustlook.com/2014/01/23/trustlook-reported-microsofts-first-ever-android-vulnerability/
Imagine in a leisurely afternoon, you are sitting in a coffee shop. You want to search for the latest movie information for tonight’s dating. So you connected to the public wifi called “Starbucks”, and opened the Bing app. Sounds natural? What you can’t imagine is, at the moment you opened the Bing app (com.microsoft.bing) under an untrusted wifi, your phone or tablet could be hacked completely. The hacker could download and install any malware app to your phone, turn your phone into a tapping device or make unauthorized phone calls. As the Bing Android app (4.2.0 and lower) has been discovered a remote code execution vulnerability, attackers can execute arbitrary Java code when the app is opened under a compromised network. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
