Thanks for the quick answer. On Feb 14, 11:19 pm, Dianne Hackborn <[email protected]> wrote:
> Otherwise, many Android devices have a facility for doing over-the-air > update of the platform, which can update everything from the kernel to > built-in apps. A security flaw can be fixed with either mechanism. > Is this "over the air update facility" a part of the Android framework (for kernel or built in app updates)? Is there any documentation on this particular topic available? Does this also apply to embeeded native librairy? to core apps like Browser which are not implemented only against SDK? Does that mean that the patch for the Webkit vulnerability (CVE-2010-1780) could have been sent over the air? Regards > On Mon, Feb 14, 2011 at 1:48 AM, droid_sec <[email protected]> wrote: > > Hello everyone, > > > Applications downloaded from the Android Market can be updated through > > the Android Makert application sitting on the device and thus if a > > security flaw is found in them a patch can be released. > > Is there any such mechanisms available for the Android core apps > > (Browser,Contacts,...), manufacturer embeeded apps (HTC apps, Samsung > > apps,...) ? > > These specific application do no seems to be "un-installable" so I > > wonder if it is possible to update them at all. > > > Regards > > > -- > > You received this message because you are subscribed to the Google Groups > > "Android Security Discussions" group. > > To post to this group, send email to > > [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > >http://groups.google.com/group/android-security-discuss?hl=en. > > -- > Dianne Hackborn > Android framework engineer > [email protected] > > Note: please don't send private questions to me, as I don't have time to > provide private support, and so won't reply to such e-mails. All such > questions should be posted on public forums, where I and others can see and > answer them. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
