Following the discovery of a big Linux security hole on PCs and Android devices by Perception Point, Google has formally responded. The team in Mountain View assures that the vulnerability isn’t all that serious after all.
Malware attacks have been a monthly problem towards the back-end of last year but, at least, this time, most Android users won’t have much to worry about. And for the rest, a patch has been issued.
When announced that 66% of Android devices out there could easily be bugged, there was a real frenzy. But no one gave Google a chance to explain its side of things. Google highlights that any device that runs Android 5.0 or later is protected by an added security layer dubbed Android SELinux policy.
On the other hand, the older smartphones out there which run Android 4.4, the particular Linux kernel 3.8 code wasn’t used at the time. Ahh, we can hear a worldwide sigh of relief from our office. Either way, Google wants to make sure that there are no oversights and are releasing a patch as we speak. You can expect this OTA on your devices very soon.
The original discovery found that “CVE-2016-0728” allowed third-party apps to access data in the OS’ keyring and encrypt it afterwards so it can’t be accessed by the user. Once exploited, the malicious apps would be allowed to reign terror outside the controlled environment of the sandbox and gain control of the operating system’s root functions.
A more thorough explanation of the Android coding environment, you can check out our post here.