Google Provides Patch to Fix Zombie Malware

Late last week, we reported that an estimated 99 percent of Android phones could be exploited by a hacker through glitch in security. Now Google announced that it has come up with a solution and a patch is being sent to all its manufacturers.

Gina Scigliano, Google's Android Communications Manager said in a statement "that a patch has been provided to our partners - some OEMs, like Samsung, are already shipping the fix to the Android devices," according to ZDNet.
 
That means that Android users will rely on their phone manufacturers to be safe, but Scigliano continued that Google hasn't seen any "exploitation in Google Play" or other app stores.  
 
On Friday we reported that Bluebox Security wrote about the flaw on its corporate blog, saying that the bug gave hackers a "master key" into the Android OS. Apparently the weakness is the security verification process on Google Play applications, which lets hackers modify APK code and turn an app into malware that can take over anyone's phone without flagging attention.
 
The security vulnerability could let hackers steal any information the app would collect, as well as possibly turning the phone into a zombie.
 
If what Scigliano said is true, than although the possibility is there, there hasn't been any noted problems, so users may be safe. However, Bluebox Security did report the problem in February - so what took Google so long to patch a relatively simple problem? We hope it's not because Google's hierarchy is so bloated and convoluted that the message didn't get through, or that it was ignored because it seemed trivial.
 
 
 
 
Contact Us