Android security hole revealed that may affect 99% of devices. - Stuff

Android security hole revealed that may affect up to 99% of devices

Android security hole revealed that may affect up to 99% of devices

Researches at Bluebox have revealed an Android security vulnerability that could allow attackers to take full control of almost any smartphone running Google’s Android operating system without the knowledge of the app store, the phone or the end user.

The vulnerability has apparently been around since the release of Andriod 1.6 (Donut). So the weakness could possibly affect any Android phone released in the past 4 years. The weakness involves the way legitimate Android applications are cryptographically signed to ensure they haven’t been modified by parties other than the trusted developer. Exploiters of the vulnerability can modify app code to include backdoors, keyloggers or other malicious functionality without changing the verification signature.

Bluebox has claimed to have notified Google of the  Android security exploit in February, and according to CIO, Bluebox CTO Jeff Forristal has named the Galaxy S 4 as the only device that is immune against the exploit. Google is supposedly currently working on an update for its Nexus devices.

Sources: Engadget.com ArsTechnica.com Bluebox CIO

Previously the editor of PCFormat and T3, Nic is a wordsmith by day and a web developer by night. Or is that the other way round? He has been the managing editor of Stuff's print version for several years and is now the digital publisher, leading the web, mobile and app evolution of your favourite mag.

Lost Password

Share This

Share this post with your friends!