Google finally got around to patching a three-year-old vulnerability in its Chrome for Android browser, which reveals a phone model and build.

Nightwatch Cybersecurity bug bounty researchers identified the vulnerability back in May 2015, according to a Sept. 30, 2015 blog post ,but Google’s Security staff didn’t address the threat until they realized how big the issue was years later.

Google released a partial fix in October 2018 with the release of Chrome 70, but the browser still leak information about the device names and details of two Android components in the device.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.