



"When ObjectInputStream is used on untrusted inputs, an attacker can cause an instance of any class with a non-private parameterless constructor to be created,". "All fields of that instance can be set to arbitrary values."

"The malicious object will then typically either be ignored or cast to a type to which it doesn't fit, implying that no methods will be called on it and no data from it will be used. However, when it is collected by the GC, the GC will call the object’s finalize method." - further he added.



Current the researcher have not published the full exploit of the bug but he had provided the technical details on the vulnerability, which you can read



Horn had reported the bug to Google team on June and Google team had patched the bug on November 3rd. The bug has been resolved and patched implemented on latest version of the Android OS version 5.0 named as "Lollipop". This means that the vulnerability still resides in all the Android OS version lower than version - further he added.Current the researcher have not published the full exploit of the bug but he had provided the technical details on the vulnerability, which you can read from here Horn had reported the bug to Google team on June and Google team had patched the bug on November 3rd. The bug has been resolved and patched implemented on latest version of the Android OS version 5.0 named as "Lollipop". This means that the vulnerability still resides in all the Android OS version lower than version

Security of the mobile device is also major issue of today's days, and if we talk about the most popular mobile Operating Systemthen we all know that it is the most targeted (attacked) mobile OS. But Google team continues their efforts to make is secure.Security researcher, have discovered a critical security vulnerability on the Android Operating System which effects almost 99 percent Android users. The vulnerability was addressedand resides in java.io.ObjectInputStream, which fails to check whether an Object that is being deserialized is actually a serializable object.The Bug was critical because it effects billions of the users and allows the attacker (hacker) to bypass the Address Space Layout Randomization (ASLR) defense and execute arbitrary code of their choice on a target device under required environment (scenario) .Researcher Horn describing the bug say, android apps can communicate with system_service, which runs under admin privileges (UID 1000) and using Intents with the attached Bundles, these are "transferred as arraymap Parcels and arraymap Parcels can contain serialized data," in this way, any android app can attack the system_service.On the security advisory note Horn noted that -