Google has moved to patch a four-year-old security hole in Android that could potentially leave any device released in this time frame vulnerable to attacks. The flaw in question was disclosed by Bluebox Security last week and centered on the ability to change an app’s code without affecting its cryptographic signature, essentially allowing hackers to turn any legitimate app into malware and still be verified as authentic software.
Bluebox Security CTO Jeff Forristal had said that this vulnerability has been around since Android 1.6 and thus was present in nearly 900 million devices. That’s a scary scenario, but of course the risk of infection is significantly lower considering most people download apps from the official store preloaded on their phones.
In a statement to ZDNet, Gina Scigliano, Google's Android Communications Manager also downplays the flaw’s reach while confirming a patch has been sent out to partners. Android users will need to rely on their device’s manufacturer for an update, some of whom, like Samsung, are reportedly already shipping them out.
Scigliano was also quick to point out that apps submitted to Google Play are scanned for any evidence of exploitation and so far they’ve found nothing to worry about. Even if you download from third party sources, Android’s ‘Verify Apps’ feature found in version 4.2 Jelly Bean also has you covered. Those with older devices should exercise caution (and common sense) when downloading from unknown or unreliable sources.
The Galaxy S4 is a continuation of Samsung's flagship Android handset, in a sleeker and more modern version inside and out. The S4 features a 1.9 GHz quad-core Qualcomm Snapdragon 600, 2GB of RAM, and a 5-inch Super AMOLED Plus display. The S4 also packs 4G LTE, Wi-Fi 802.11 a/b/g/n/ac, IR LED Remote Control, MHL 2.0, NFC, and Bluetooth 4.0.
The HTC One represents the firm’s latest attempt to regain lost ground in the smartphone market. It is made entirely of aluminum and boasts a large 4.7-inch full HD 1080p display with 468 PPI flanked by two speaker strips with integrated amplifiers. Inside is a 1.7-GHz, quad-core Snapdragon 600 processor, 2GB of RAM and 32GB or 64GB of internal storage.
The Nexus 4 is Google’s flagship handset that shipped along Android 4.2 Jelly Bean. The Nexus 4 packs a 1.5GHz quad-core Snapdragon S4 processor, a 4.7-inch 1280 x 768 IPS display, 2GB of RAM, dual cameras (1.3MP front, 8.0MP back), and either 8GB or 16GB of internal storage. Google also baked in NFC support and wireless charging.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Receive a weekly update of our best features and tech news you don't want to miss: