North Carolina State University researchers have uncovered a vulnerability in Android devices that can enable an attacker to record conversations and monitor the device's location data.
"Apparently apps can bypass security defences that ask users to give their permission before an app is given access to personal information," writes The Inquirer's Kate O'Flaherty. "The code is found in the interfaces and services that handset makers add to enhance Google's stock firmware."
"'We believe these results demonstrate that capability leaks constitute a tangible security weakness for many Android smartphones in the market today,' researchers wrote in a paper due to be presented at next year's Network and Distributed System Security Symposium," O'Flaherty writes.
Go to "Android weakness allows hackers to record phone calls" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.