It was quite a dramatic state of affairs, with security firm Bluebox reckoning that 99 per cent of Android handsets were vulnerable - there was the potential for nefarious devs to modify app update code.
That would mean that users could be merrily installing what appears to be a legit app update, but is actually riddled with nasty code courtesy of nefarious developers.
Patchwork
However, Google has been working to close the hole since February and has now succeeded.
Exactly when you'll get the update will depend on your phone make, with individual manufacturers responsible for rolling out the update.
Samsung owners are quids in though, as Google confirmed to ZDNet that "a patch has been provided to our partners" with "some OEMs, like Samsung… already shipping the fix to Android devices".
Google says that it's been a bit of a storm in a teacup though, adding, "We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools. Google Play scans for this issue - and Verify Apps provides protection for Android users who download apps to their devices outside of Play."
No comments:
Post a Comment