Users of the cloud storage service Acer Cloud were vulnerable because of a leak in the accompanying Android app. Via Acer Portal app, which is installed between 10 million and 50 million times, users can connect the Acer Cloud to access their files.
The Acer Portal app appeared ssl certificate not controlling. An attacker who stood between the user and the Internet so could perform a man-in-the-middle attack and intercept the password and user files. The researchers inform discovered the problem Acer decided late May, but could not be delivered emails to security@acer.com and secure@acer.com.
So the researchers decided the CERT Coordination Center informing (CERT / CC) at Carnegie Mellon University, so that they could communicate the problem with Acer. That led to the end of June a new version of the portal app to version 3.9.4.2000. Then have now announced details about the vulnerability. Users are advised to install the latest version from Google Play.
No comments:
Post a Comment