Monday, July 15, 2013

Android ‘Master Key’ Vulnerability Affects 99% of Devices

-Trend Micro protects users against the vulnerability via its Mobile Security Solution-

The new vulnerability in Android phones, codenamed ‘Master Key’, allows installed apps to be modified without its user awareness. Existed since Android 1.6, it has affected 99% of Android devices. Trend Micro, a global leader in mobile, cloud and server security, now protects users against the ‘Master Key’ vulnerability via its Trend Micro Mobile Security. The recent update to the solution allows it to detect any apps attempting to take advantage of the vulnerability including new apps that are yet to be identified by security researchers.

While there have been no recorded malicious apps taking advantage of the ‘Master Key’ vulnerability, it is only a matter of time before cybercriminals develop it and get them into the wild. “Since the announcement of this vulnerability it took less than a week for a security researcher to deliver a proof of concept exploit. We are pretty certain cybercriminals have been doing their own development and testing and we will see malicious apps popping up on 3rd party apps stores and websites in the very near future” said Goh Chee Hoh, Managing Director, SEA Region, Trend Micro Inc.

Google has since released a patch for the Android operating system and provided it to carriers and device manufacturers. However due to the fragmented nature of the Android ecosystem it is likely to take quite a while for most people to receive the update. “The fragmented nature of Android is a fact of life and fixes for vulnerabilities and security patches will likely never reach a large percentage of users. Unfortunately this is the case where I am afraid a large number of people are going to remain vulnerable” added Goh.

Kindly click on the link below to have an in-depth idea on the ‘Master Key’ vulnerability.

No comments: