Android Installer Vulnerability Affecting 49.5 Percent of Devices: Report

Security researchers at Palo Alto Networks claim to have found a vulnerability in Android versions ranging from v2.3 (Jelly Bean) that allows attackers to gain full access to compromised devices. The bug is that vulnerable versions of Android do not check, at the time of installation, whether an app's permissions actually match those displayed to the user during installation. The vulnerability only affects apps installed from third-party app stores.

Palo Alto Networks says the vulnerability, which it is calling Android Installer Hijacking, is of the 'Time-of-Check to Time-of-Use (TOCTTOU)' type, and allows attackers to mask the permissions of an app being installed between the check page (which lists the permissions) and the actual installation of the apk file.

Essentially, the system service PackageInstaller on affected devices does not check the apk file at the time of installation, only prior to displaying the permissions. This means the installed app can have different permissions from those shown. This could allow access to data including s.
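The check/use gap described above, modeled as an added example (not code from Palo Alto Networks or the Android Open Source Project). The JSON "package" format and every function name here are constructed stand-ins for an APK and its manifest; the hardened path is a generic mitigation that binds the reviewed permissions to a SHA-256 of the exact bytes and re-verifies them at install time.

```python
import hashlib
import json
import os
import tempfile

def read_permissions(pkg_bytes):
    """Constructed stand-in for manifest parsing: the package is a JSON blob."""
    return sorted(json.loads(pkg_bytes)["permissions"])

def write_pkg(path, permissions):
    with open(path, "w") as f:
        json.dump({"permissions": permissions}, f)

class Review:
    """Time of check: what the user saw, plus a digest of the bytes reviewed."""
    def __init__(self, path):
        with open(path, "rb") as f:
            data = f.read()
        self.path = path
        self.permissions = read_permissions(data)
        self.sha256 = hashlib.sha256(data).hexdigest()

def install_unchecked(review):
    """Vulnerable pattern: re-reads the path at time of use and trusts it."""
    with open(review.path, "rb") as f:
        return read_permissions(f.read())

def install_verified(review):
    """Hardened pattern: hash the bytes actually being installed, then parse
    those same bytes, so nothing is read again after verification."""
    with open(review.path, "rb") as f:
        data = f.read()
    if hashlib.sha256(data).hexdigest() != review.sha256:
        raise ValueError("package changed after permission review")
    return read_permissions(data)

def demo():
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "app.pkg")
        write_pkg(path, ["INTERNET"])
        review = Review(path)                      # permissions shown to user
        write_pkg(path, ["INTERNET", "READ_SMS"])  # file differs at install time
        granted = install_unchecked(review)
        try:
            install_verified(review)
            blocked = False
        except ValueError:
            blocked = True
        return review.permissions, granted, blocked

if __name__ == "__main__":
    print(demo())
```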

The firm says that, as of Google's March 2015 Android distribution numbers, affected devices account for roughly 49.5 percent of active Android devices. Palo Alto Networks adds that back in January 2014, when it discovered the vulnerability, the security flaw affected 89.4 percent of active Android devices.

In February last year, however, Palo Alto Networks says it informed Google's Android Security Team, and then informed Amazon Appstore for Android in September, so that patches could be issued.

A quote by the Google team on the security firm's blog post says, "Android Open Source Project includes patches for this issue for Android 4.3 and later," and adds that the Team "has not detected any attempts to exploit this vulnerability on devices."

Amazon, on the other hand, recommends users update to the latest version of the Amazon Appstore for Android, which it says gets "updated automatically on Fire devices and for 3rd party Android devices it can be updated via www.amazon.com/getappstore."

Palo Alto Networks itself has an app on the Google Play store that allows users to check if their devices are affected by the Android Installer Hijacking vulnerability. It adds that Samsung and Amazon have released fixes for their affected devices, which included those running on Fire OS.
