Advertisment

Google fixes two critical bugs in Android

author-image
CIOL Writers
New Update
Clipboard

Google issues monthly security updates for Android and in its latest update release, the company has pushed out a new fix for its mobile operating system that patches two critical flaws on the security front.

Advertisment

The first security hole was designed only for "research purposes" and would only have been malicious if modified, Google tells ArsTechnica, but it wouldn't have been hard to detect or weaponize.

The second flaw, also the more serious of the two behaved similarly to the well-known Stagefright exploit, letting an attacker send an altered JPEG image through Gmail or Google Talk to hijack your phone.

CIOL Google fixes two critical bugs in Android

Advertisment

Making matter worse, security company Check Point also revealed that Google Play had been hosting apps containing two forms of malware (CallJam and DressCode). Both apps steeredusers off-course and straight into shady ad sources to generate revenue. CallJam would even call paid phone numbers, if granted permissions.

Google has since removed the offending apps, but the infection rate may have been high when users downloaded the software hundreds of thousands (or in a few cases, millions) of times.

Though the chances of running into this malware are relatively small, the real point is about the timely Android security updates. Only Nexus owners get first crack at the fixes -- most everyone else will have to wait, provided they're in line in the first place. Google's monthly security updates help, but this won't do much if your phone maker either hasn't committed to those updates or has left you running an older Android version that can't get those patches.

google android