Phones Limited

OEMs get security flaw patch from Google

News   •   Jul 09, 2013 21:14 BST

Android devices like the Samsung Galaxy S4 are more vulnerable to malware, due to a security flaw uncovered by Bluebox Security. To address the issue, Google released a patch to device manufacturers.

ZDNet says, “It doesn’t get much scarier than this. Bluebox Security claimed to have discovered a vulnerability in Android's security model that could allow attackers to convert 99 percent of all applications into Trojan malware. Google has told ZDNet that the hole has been patched and that it has been released to original equipment manufacturers (OEM)s.”

Jeff Forristal, CTO at Bluebox Security, said that the Master Key security flaw has been “around at least since the release of Android 1.6, [and] could affect any Android phone released in the last four years — or nearly 900 million devices.”

Gina Scigliano, Android Communications Manager at Google, confirms “that a patch has been provided to our partners - some OEMs, like Samsung, are already shipping the fix to the Android devices.”

She added, “We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools. Google Play scans for this issue - and Verify Apps provides protection for Android users who download apps to their devices outside of Play.”

Want to know when your OEM will be rolling out the patch? Stay tuned for further updates.

Click on the link for more information on the Samsung Galaxy S4 White.