Exposure to Android leaks remains a threat last year

U.S. security agencies exposed an Android bug in 2014 that still threatens nearly half of Android devices today, foreign media PC World reported.

Android Bug exposed last year, half of devices are at risk

While companies such as Google, Samsung and Amazon have pushed the corresponding security patches for different models, some 49.5% of Android users are still under threat, the US security company Palo Alto said. Google, however, responded that it had not detected any action to exploit the vulnerability.

It is understood that these vulnerabilities can be a legitimate application to replace malicious software, thereby stealing sensitive information from mobile phone users. Security personnel For example, a malicious application called "Android Application Installer hijacking" can exploit this vulnerability, which has full privileges, including access to user data and passwords.

In general, security experts recommend careful use of applications downloaded from the Third-party application market, where apk installation files are generally stored in storage areas where the device is not protected, such as SD cards. Subsequently, the system application Packageinstaller will complete the installation process, in this process, the malware can use the vulnerability in the user without knowledge, the APK file to modify or replace.

Palo Alto discovered the vulnerability last January, when the threat of Android devices was close to 90% and has now fallen to 49.5%.