Android: Fake-ID Security Problem Could Leave Millions Open to Attack

Author Dragan Berak 31.7.2014. | 00:37

Millions of people using Android devices could be left open to attack from malicious apps that appear to come from legitimate developers, due to a flaw in Google’s mobile software. But Google says it has already issued a patch, and has seen ‘no evidence of attempted exploitation of this vulnerability’

 

fake-id-flaw

 

The flaw has been named “Fake ID” by security company Bluebox Labs, which discovered it. However, Google says it has already issued a patch to protect Android users from attacks exploiting the flaw.

Fake ID has been resident in Android from version 2.1 to 4.4, although it was fixed in April as part of the latest update, Android KitKat. Millions of devices could still be at risk, though, as Google’s own figures show that 82.1% of Android users are running an older version.

In a blog post published today, Bluebox explained that the problem lies in how app security is checked on Android, with each app given its own cryptographic signature determining who can update it, and what privileges it has on a device.

Read more at TheGuardian.com

Author Dragan Berak 31.7.2014. | 00:37
Write a comment

No Comments

No Comments Yet!

Let me tell You a sad story ! There are no comments yet, but You can be first one to comment this article.

Write a comment
View comments

Write a comment

Leave a Reply

Watch latest gadget videos

Chinavasion Video


action cam

Add Chinavasion on Google+

Add Chinavasion on Facebook

Archive