As you all may or may not have known, Google has been working hard at patching some potentially serious Android mobile security flaws.
The company has thus fixed two major security issues that could have left millions of devices at risk of being hijacked by criminals.The flaw that i mentioned includes a variant of of the stagefright bug (which was uncovered last year and affected nearly a billion Android devices across the world). This flaw however is not the same as stagefright but but behaves similarly to it. This virus would allow hijackers to hack your device using a specially created j-peg image file , sent through Gmail and other Google services. This would allow the attackers to gain control of the device and have access to personal information or would also let them shut it down completely.
Users, who don't even download the image will be hit by the malicious bug . This means that anyone who even views the bug ( The J-peg image file) would be affected the by it.
The other bug was similar to this bug. By the same process (the J-peg image file) hackers would gain control of the device and this would allow them to execute malware or gain access to personal information or programs on affected devices by escalated local privileges.
Know as CVE 2016-3861, Google says that it was designed only for research purposes but if in the wrong hands , could be used for some serious damage. The updates are included in Google's latest security patches ,which are available to nexus device users now , and will be rolling out to other devices very soon. However even users who have installed the update could find themselves being attacked by criminals. It seems that the Google Play store hosted apps that contain two nasty forms of malware.
The offending apps have now been removed by google , but there's no word on how many times the apps were downloaded , meaning millions of android users could be at risk of being affected by the bug.
Make sure that you only download the essential apps and report any app that seems fishy on the Playstore.
0 comments:
Post a Comment