Dubai PR Network, Online Press Release from Dubai and Middle East
 
Mobile Device & Consumer Electronic(Technology)
Filter PR by
  
Android Vulnerability Affects 99% of Devices – Trend Micro Users Protected
 

Dubai, United Arab Emirates:- Last week, security researchers announced a new vulnerability for Android phones which could allow installed apps to be modified without the user being aware of it. Almost all Android devices are vulnerable, as the vulnerability has existed since Android 1.6 (Donut), and currently only the Samsung Galaxy S4 has been patched to protect against it.
The vulnerability – known in some quarters as the “master key” vulnerability – has attracted considerable media attention, but it has not always been accurately reported. We have updated Trend Micro Mobile Security to protect our users, but at the same time we wish to clarify what is going on, what the threat is, and what users can do.

What's this “master key” vulnerability?

The vulnerability is related to how Android apps are signed. All Android apps have a digital signature from their developer, which verifies that the app actually did come from the developer and was not modified en route. An app can only be updated if the new version has a matching signature from the same developer.
This particular vulnerability is in that last step. What researchers have found is a way for attackers to update an already installed app even if they do not have the original developer's signing key. In short, any installed app can be updated with a malicious version.

Note that technically, there is no “master key” that has been breached. Yes, any app can be modified and used for malicious purposes, but there's no “master key” in the first place.

What are the risks?

This vulnerability can be used to replace legitimate apps on an Android device with malicious versions. Apps with much permission – like those from the phone's manufacturer or the user's service provider – are at particular risk.
Once on the device, they can behave in the way that any malicious app would, except the user would think they were a completely legitimate app. For example, a modified/Trojanized app for a bank would continue to work for the user, but the credentials would have been sent to an attacker.

What can users do to protect themselves?

We've updated our Trend Micro Mobile App Reputation Service to detect apps that abuse this vulnerability, but so far we have not found any. Nonetheless, for users of Trend Micro Mobile Security, we have released an update to the pattern to ensure that we will detect apps that target this particular vulnerability. (All users with pattern version 1.513.00 or later are covered.) This is sufficient to ensure that our users are protected from this threat.
We strongly suggest disabling the ability to install apps from sources outside of Google Play. This setting can be found under Security in the system settings of Android devices.
Google has made some steps to protect users. They've modified the backend of their online store so that apps that try to exploit this problem are blocked. Thus, users who do not download apps from third-party stores or sideload APK files should not be at risk from this threat. The company also released a fix for the vulnerability and distributed it among OEMs. Hopefully, the importance of this update will prevent delays in its deployment.


Posted by : Dubai PR Network Editorial Team
Viewed 12218 times
PR Category : Technology
Posted on : Sunday, July 14, 2013  2:46:00 PM UAE local time (GMT+4)
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of DubaiPRNetwork.com.
Previous Story : Inventive Speakers With Finesse AKA Mo*Sound
Next Story : Islamic Lamps For The Holy Month
Email this article Print this article

Share this article with your friends and followers
NewsVine
Back to Section Home

Related Stories



 
 
Most Viewed Press Release posted in the last 7 days
Inventive, Futuristic and Daring Translucent is a Distinguished Milestone for Police. [7241-Views]
Show your Nanny some love and treat them to a Complimentary Haircut throughout August and ... [5270-Views]
Introducing Lunette: A Tool to Empower Women [4880-Views]
Corum Golden Bridge Titane DLC - black beauty for the man of style [4752-Views]
Robinsons Showcases Malone Souliers' Stunning New Collection for Pre-Fall 19 [4264-Views]
Aesop's Parsley Seed Skin Priming Regimen [4075-Views]
Same Favourite Fragrance, New Innovative Products From the Ritual of Karma [3995-Views]
Marks & Spencer Unveils Its Autumn 2019 Kidswear Collection [3995-Views]
Ferragamo Urban - 2019 Fall/Winter Collection [3898-Views]
Dubai Delivers on Tourist Volumes Again, With a Strong 8.36 Million Overnight Visitors in ... [3697-Views]
Corum Admiral Legend 42-Icon ahead [3672-Views]
GEMS Education students shine with excellent A-Level examination results [3666-Views]
GUESS - The Perfect Tote [3636-Views]
Sandro: The Power Suit [3617-Views]
Autumn / Winter 2019-20 Men's and Women's Sneakers Collection [3593-Views]
Tazio Nuvolari Vanderbilt Cup [3514-Views]
Exceptional Playtime with Soundcore Vortex [3514-Views]
Al Ain Hospital doctors save young girl from 2.5 cm pin in her lungs [3471-Views]
Ralph Lauren Debuts “Wear Your Story” Denim Campaign [3465-Views]
Hormann announces speed rolling shutter DD S6 [3459-Views]
The future of photography and videography is in Canon's hands, with five 2019 EISA Awards [3446-Views]
Get 50 per cent off back-to-school essentials at Dragon Mart [3386-Views]
Forecasting Mesmerising Sea Views and Exotic Seafood at Gonu [3318-Views]
Second Week of “Health & Tourism 2019” Campaign Witnesses Remarkable Participation in its ... [3239-Views]
Rock Chic Edit with GUESS [3233-Views]
 
RSS Facebook Twitter LinkedDin
 
Top Sections
 
Top Stories