Google IO 2015 Coverage

New major security threat for Android devices revealed, but Google already has a patch in place this time


After all the commotion about the latest major security vulnerability to Android devices, you would think things on the security side of the platform would quiet down for a bit. However, that’s not the case, as a Chinese site has posted details about an application exploit similar to Bluebox’s earlier revealed loophole that would allow apps to avoid signature verification to run malicious code on an Android device. ¬†However, the vulnerability was found in older code that was replaced with a security fix, so Google was already aware of the problem and has patched it up as soon as they were made aware of it. It may take awhile for that type of security patch to hit devices in the wild, but like the Bluebox vulnerability, Google has done all they can to take care of things on their end.

If you want to read up on the specifics of the vulnerability, hit the links below. It’s a pretty small, complicated vulnerability that would be pretty tricky for malware to pull off on most devices, but it’s interesting nonetheless.

source: Sina Blog

via: Android Police

  • Michael Sommer

    “Google has done all they can to take care of things on their end” and that is not much. That security patches are not immediately deliverable to all devices is a dangerous and braindead system. If Firefox OS or Ubuntu Touch do that better, I’ll switch for sure!