Home Technology Android flaw leaves millions vulnerable

Android flaw leaves millions vulnerable


Android is under intense scrutiny again tonight as reports surface that nearly 50% of all Android devices are vulnerable to a security flaw that has gone unchecked. While Google maintains that they have updated and patched the problem areas that existed, reports have been swirling that nearly 50% of those devices are still at risk, leaving millions of Android devices exposed to a potentially malicious installer that would hijack the existing software on the phone.

Samsung and Amazon are said to have released updates that corrected the flaw as well, but that hasn’t stopped a large portion of devices from being at risk. Palo Alto Networks detected the flaw, and Google has been quick to respond – pointing out that the flaw itself hasn’t been exploited yet. However, with the security risk and potential damage that could be done to devices, and the individuals who use the Android devices in question – it raises valid concerns.

“Android Installer Hijacking” gains access to the device by being installed from a third-party app store. However, the security flaw is concerning enough that Google has started working to remedy the vulnerability. The troublesome portion of the vulnerability is that if taken advantage of, the entire device is left wide open for the hacker to actually take control of, look at, and run through without any stopping. That means, they would have access to usernames, passwords, bank information, or really, anything else that users might want kept in their personal space.

The flaw allows the APK file to be modified, and then worked from internally there. That being said, this is not a flaw that just appeared recently. In fact, it was first discovered in January of 2014 and that flaw was originally impacting 90% of all Android devices. While that figure has since dropped to 49% the problem remains that the flaw has existed for more than a year – with no absolute resolution to the vulnerability.


Android versions 2.3, 4.0.3 to 4.0.4, 4.1.x, and 4.2.x, are all impacted and the team believes that some 4.3 devices might actually still be vulnerable as well. Android 4.4 devices were updated correctly, with the flaw eradicated, but it remains a vulnerability that is incredibly serious for those running any Android device that could potentially be at risk.

Previous articleGoogle wants users to pay bills from Gmail
Next articleFacebook Messenger now open to developers
An entrepreneur by birth, blogger by choice, and geek by heart. He founded Sprouts Media, a blogs/websites network company, currently owns over 10 popular web properties, to cater his passion of journalism and entrepreneurship. He is also known as an avid reader, technology enthusiast, explorer, and a broken lover. His passion for knowledge keeps him running all the time. A pure vegetarian, who believes in reincarnation & law of karma and follows the philosophy of “Live and let others Live” because all living beings have equal right on the resources of this planet. He loves to write about Technology and Social Issues on his blogs. He can be reached at nitin [at] sprouts.media.