Security News > 2020 > October > Google aims to improve security of browser engines, third-party Android devices and apps on Google Play
Google has announced two new security initiatives: one is aimed at helping bug hunters improve the security of various browsers' JavaScript engines, the other at helping Android OEMs improve the security of the mobile devices they ship.
"JavaScript engine security continues to be critical for user safety, as demonstrated by recent in-the-wild zero-day exploits abusing vulnerabilities in v8, the JavaScript engine behind Chrome. Unfortunately, fuzzing JavaScript engines to uncover these vulnerabilities is generally quite expensive due to their high complexity and relatively slow processing of input," noted Project Zero's Samuel Groß.
The company is also set on improving the security of the Android ecosystem, and to that point it's launching the Android Partner Vulnerability Initiative.
"Until recently, we didn't have a clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs," the company explained.
Simultaneously, the company has is looking for a Security Engineering Manager in Android Security that will, among other things, lead a team that "Will perform application security assessments against highly sensitive, third party Android apps on Google Play, working to identify vulnerabilities and provide remediation guidance to impacted application developers."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/FwUiLb3cy88/
Related news
- Android 15, Google Play get new anti-malware and anti-fraud features (source)
- Android 15, Google Play Protect get new anti-malware and anti-fraud features (source)
- Over 90 malicious Android apps with 5.5M installs found on Google Play (source)
- Malicious Android Apps Pose as Google, Instagram, WhatsApp, to Steal Credentials (source)
- The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield (source)
- Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android (source)
- Google Launches AI-Powered Theft and Data Protection Features for Android Devices (source)
- Google takes shots at Microsoft for shoddy security record with enterprise apps (source)
- Arc browser’s Windows launch targeted by Google ads malvertising (source)
- Google patches exploited Android zero-day on Pixel devices (source)