For millions of Android users around the globe, it has been a pretty bad week. Two critical vulnerabilities were found and remain unpatched (at the time of writing) on a large percentage of devices. On top of that, a number of malicious apps were downloaded as many as 2.5 million times, all of them from Google Play itself.
Two Vulnerabilities and Malicious Apps Found in Android Devices
The new vulnerabilities have been fixed in updates that Google started distributing on Tuesday. However, a large number of devices still carry these vulnerabilities and remain unpatched, and a large percentage of devices are not even eligible to receive the fixes. With these vulnerabilities, attackers would be able to create crude blueprints for exploiting the weaknesses found on the unpatched devices.
The first vulnerability was disclosed by Mark Brand, a researcher with Google’s Project Zero security team. It is indexed as CVE-2016-3681, and it allows attackers to execute malware or escalate privileges on unpatched phones. The researcher branded the vulnerability an “extremely serious bug” because it can be exploited in a number of ways. While the vulnerability is not particularly difficult to detect, the lack of a fix is still something to be deeply worried about.
The other vulnerability, tracked as CVE-2016-3862, can be exploited by sending a maliciously formatted JPEG file. When this image file is sent through Google Talk or Gmail, the malicious code is concealed as plain EXIF data within the image. What’s more, the receiver of the image doesn’t need to click on anything for their Android smartphone to become compromised, which makes it an even stronger threat than the other exploit.
Tim Strazzere, the researcher who reported the Android bug to Google and the director of mobile research at SentinelOne, said the following: “To an advanced attacker, this was relatively easy to find and in their wheelhouse to exploit. You would have access to anything that app had access to or leverage another exploit to get system privileges or root.” These vulnerabilities were made public in the same week that Check Point, a security firm, disclosed the recently discovered apps with malware embedded in them.