todb's post earlier this week about the flaw in Android's Open Source Platform browser has been getting a lot of attention this week, and for good reason: By the numbers, Android 4.2 and earlier builds have the vulnerable browser in question, and about 75% of Androids in the world today are using pre-4.4 builds. While not everyone uses the AOSP browser on their phone—certainly Firefox, Chrome, or Dolphin are popular choices—there still could be a lot of people potentially exposed to this issue.
While I encourage you to read Tod's original blog post about this, where he walks through the history of the vulnerability in detail, we've also created this brief Whiteboard Wednesday video explainer to walk you through the high-level points. Our VP of Strategic Services, Nick Percoco (@c7five), reviews how exactly this bug works and what it means for most Android phone owners. Additionally, he discusses what corporations need to keep in mind if they have a BYOD policy with employees that are potentially exposed to this vulnerability.
Take a look at this week's Whiteboard Wednesday: Android Browser Privacy Bug Explained, and let us know what you think!
In addition, if you have any topics you'd like to have us cover, we want to hear 'em—you can drop us a comment here on SecurityStreet or Tweet us at @rapid7—our Whiteboard Wednesday hashtag is #rapid7WbW. (We love hearing about folks using our Whiteboard Wednesday videos in corporate trainings and executive presentations!)