1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google's screening process could help mitigate new Android vulnerability

Discussion in 'CSO' started by RSS, Mar 25, 2015.

  1. RSS

    RSS New Member Member

    Researchers at Palo Alto Networks' (PAN) Unit 42 have disclosed the details behind a widespread vulnerability that impact 49.5 percent of the current Android base. The flaw enables attackers the ability to hijack the installation of an application, without the user's knowledge.

    The malicious bait and switch happens during the install process. As an app is installed, users are presented with a list of permissions required by the app itself, something most users ignore – agreeing to them blindly in order to move the process along.

    However, the flaw discovered by Unit 42 researchers would allow an attacker to display a false, more limited set of permissions, potentially gaining full access to the device.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page