Android Master Key Patch

The 4-year Master Key vulnerability in Android finally has a fix. Google announced the Master Key patch last week. Manufacturers are yet to release the patch, however.

Master Key Vulnerability

The Master Key vulnerability has left Android phones and tablets open to infection from modified apps for the past 4 years. The vulnerability allowed modifications to be made on apps without having to change the encryption. This meant that apps potentially modified to contain malware could be verified and installed by Android users. The apps would install and perform like any other app, giving no sign to the user that malware was included.Google was informed of the vulnerability by Bluebox early this year. A temporary fix was quickly issued for Play Store apps.

Google has released the patch to device manufacturers that are partnered with them. Google confirmed through Android Communications Manager Gina Scigliano that Samsung has already begun shipping the fix. The release of the patch from Google’s other partners is yet to be announced.

OEM Compliance

Users of Android devices are now dependent on the speed at which manufacturers can push out the update. Android device users are in the meantime still vulnerable to apps that contain malware. Third party apps are now the most likely to contain malware. Android users are still relying on the top VPN services to help detect and avoid security issues.

Third Party Apps

Security experts warn Android users to remain cautious and use apps only from verified sources. Apps that are downloaded outside of the Play Store and installed manually have not been checked. They can be patched, but users must also manually verify of the patch has been applied.

Google claims that the risk of infection due to the Master Key vulnerability is a minor one. Scigliano announced that according to their security scans, there is no evidence of exploitation on apps, whether in the Play Store or other stores. In view of the encryption fault and the statistics on Android app infection, however, the danger is very real.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
Filed in: News

Get Updates

Share This Post

Recent Posts

Leave a Reply

Submit Comment

© 2017 Get Best VPN Service in Europe. All rights reserved.