Researchers at Bluebox Security have revealed a disturbing flaw in Android's security model, which the group claims may affect up to 99 percent of Android devices in existence. According to Bluebox, this vulnerability has existed since Android 1.6 (Donut), which gives malicious app developers the ability to modify the code of a legitimate APK, all without breaking its cryptographic signature -- thereby allowing the installation to go unnoticed. To pull off the exploit, a rotten app developer would first need to trick an unknowing user into installing the malicious update, but hackers could theoretically gain full control of a user's phone if the "update" posed as a system file from the manufacturer.
Bluebox claims that it notified Google of the exploit in February. According to CIO, Bluebox CTO Jeff Forristal has named the Galaxy S 4 as the only device that's currently immune to the exploit -- which suggests that a security patch may already exist. Forristal further claims that Google is working on an update for its Nexus devices. In response to our inquiry, Google told us that it currently has no comment. We certainly hope that device manufacturers do the responsible thing and distribute timely security patches to resolve this issue. Absent that, you can protect yourself by installing updates through the Play Store and Android's built-in system update utility.
Filed under: Software, Mobile, Google
Comments
Source: Bluebox Security, CIO
Search Result
Massive security hole leaves 99% of all Android devices ... Android security hole, may affect 99 percent of devices Researchers at Bluebox Security have ...,Researchers at Bluebox Security have revealed a disturbing flaw in Android's security model, which the group claims may affect up to 99 percent of Android devices in ...,Bluebox reveals Android security hole, may affect 99 percent of devices (engadget.com) submitted 15 minutes ago by earlsweatscript. comment; share cancel,Researchers at Bluebox Security have revealed a disturbing flaw in Android's security model, which the group claims may affect up to 99 percent of Android devices in ...,News ... "Researchers at Bluebox Security have revealed a disturbing flaw in Android's security model, which the group claims may affect up to 99 percent of Android ...,Researchers at Bluebox Security have revealed a disturbing flaw in Androids security model, which the group claims may affect up to 99 percent of Android devices ...,Bluebox reveals Android security hole, may affect 99 percent of devices - posted in Back Page News: Researchers at Bluebox Security have revealed a disturbing flaw ...,Researchers at Bluebox Security have ... may affect up to 99 percent of Android devices in ... reveals Android security hole, may affect 99 ...,Bluebox reveals Android security hole, may affect 99 percent of devices. ... which the group claims may affect up to 99 percent of Android devices in existence.,Bluebox reveals Android security hole, may affect 99 percent of ... Bluebox Security have ... may affect up to 99 percent of Android devices in ...
0 komentar:
Posting Komentar