Bluebox Discovers A Critical Vulnerability In Android

Bluebox Security has revealed a loophole in Android’s security model, which can potentially affect up to 99 percent of Android devices in existence. The vulnerability is claimed to have existed since Android 1.6 (Donut), which allows malicious app developers access to modify the code of a legitimate APK, all this without having to break its certified cryptographic signature, which could mean unnoticed installation of malicious code. This exploit can be leveraged when the user downloads and installs malicious “App Update” and could allow full access of device if the malicious code was to be a System Update.

Samsung Galaxy S 4 is the only device that is immune to this bug.

Bluebox notified Google of the exploit in February. Currently Google is working on a security update for Nexus Devices. Users can stay secure from their side by relying on the Play Store and Android’s built-in system update utility for any installations or updates.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.