Google Finds, and Fixes Two Major Security Flaws

Google’s mobile security team has been busy this week, after finding, and fixing two major android security flaws. The team was worried about the size of the security risk to users, should any intruders find out how to exploit them.

The first flaw, was made for research purposes and would have had to have been modified in order to become malicious. Google commented that in spite of that, it wouldn’t have been hard to detect, and weaponized.

The other, acted like the Stagefright exploit, letting the hackers send an altered JPEG image through Gmail or Google Talk to hijack the victim’s phone. Tim Strazzere of SentinelOne Research explained that it was both easy to find and capitalize on the vulnerability.

Check Point, an online security company, revealed that Google Play had been hosting apps that were found to contain two forms of malware; CallJam, and DressCode. Both directed phones to fake websites with even worse ad revenue, and would direct the phones to call paid numbers.

DressCode would also visit harmful ad sources, and it could compromise local networks. Google has removed the apps, but the infection rate was high when users downloaded the software over a million times.

There is a rather small chance one would run into this malware, because it just highlights the need for Android to fix security updates in a timely fashion. So far, only owners of the Nexus will be able to try the new updates, everyone else will have to wait. The time frame is unknown, but developers said if the fixes aren’t up to par, it’s going to be an even longer wait for everyone.

They urge everyone to continue with Google’s monthly updates, but want to remind everyone that if your phone manufacturer hasn’t committed to the updates, or left your running an older Android version, you’ll be left out. Possible solutions are upgrading your device, or as google says:

“Wait for a more conventional update.”

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.