During the HouSecCon conference, held in Houston, the guest M.J. Keith demonstrated the vulnerability of 2.2 version of WebKit run on Android mobile devices. During the presentation, the researcher explained that he was able to write a code that would give him access to the internet browser of the phone, whenever the user visits a website, reports ComputerWorld,

The Alert Logic researched also stated that the prospective attack will be able only to access the history of the browser, not to divert calls or send text messages “If they use their browser to access anything, you’d be able to get a hold of that stuff.”

Google commented in response to Keith awareness that the company is in charge of the problem and their also dimension of the threat as the attack code is working only on the Android 2.2 version, which is used by only 36% of Android phones: Droid and HTC EVO 4.

The attention turned towards smartphones recently because all the recent years were dedicated to the security of Windows operating systems and collateral programs. To be mentioned is also the competition won by Charllie Miler in 2008 – a hacking contest with $10,000 revenue. The winner explored the vulnerability of WebKit on Mac, exploiting a bug in the PCRE. Soon after, he also demonstrated that Android’s operating system had the same flaw.

Recently, Coverity proved that Kernel – the Android’s Linux operating system has 359 potential bugs. A quarter of them are similar to the defect explored by Keith. Another issue raised with the vulnerability of the WebKit is the fact that Android has certain problems with phone updates. While Apple and BlackBerry use the direct buy, Android is relied on the networks’ operators will to update the software versions of the smartphones.

As discussed before, there is no platform unity between the prospective Android 3.0 and upcoming Chrome OS.  It’s caused a number of problems for developers, and some have even complained of the obstacles Android has, in the way of a fragmented mobile platform.  In this case, it may have been a good thing for the WebKit vulnerability, and it gives Google an opportunity to demonstrate the improvements already made to the OS.  However, Android is still facing scrutiny as it looks to compete head on with Apple and Microsoft’s Windows Phone 7.

Despite this shortcoming, mobile browsers seem all too eager to develop on Android.  The past week has seen an HD release from Dolphin, and an update from Mozilla’s Firefox 4 Beta.