It’s been a rough few weeks for Android, at least as far as security issues are concerned. Just a few days ago we told you about the banking Trojan that was targeting Android users, and how ransomware is now hitting Android smartphones and tablets. And now, there’s another security issue you need to know about.
News began surfacing yesterday about a flaw that has been found in mobile processors made by Qualcomm, and these processors are used in around 60 percent of Android devices. The flaw has also been linked to Android’s mediaserver and to security issues with Qualcomm’s Secure Execution Environment, or QSEE. It is being distributed by malicious apps.
This new flaw is quite alarming, and makes it possible for hackers to take over a phone or tablet.
Remember last year when we told you about the Stagefright flaw? It was a huge flaw that put nearly 1 billion Android smartphones at risk for hack. It was so bad that it prompted Google to start issuing monthly security patches for its security holes.
Researchers at Duo Labs are concerned that this new vulnerability is similar to that. However, where hackers could remotely take over your phone with Stagefright using just your cellphone number, this new flaw is being distributed by a malicious app.
Still, anything resembling Stagefright is alarming. It originally began with a text message that was carrying a malicious payload. It later evolved to the point where the text message was no longer needed, and the malicious code was installed on your device from an application download.
Stagefright spread rapidly and was difficult to stop because it exploited a vulnerability that was deep inside the Android operating system itself. It used Android’s mediaserver as its avenue for the attack, since the text message or downloaded app would typically infect the device by playing a video.
That’s what has researchers so concerned. This new flaw makes it possible for hackers to exploit a similar vulnerability.
Google was quick to issue a patch for this flaw, but that doesn’t mean all Android users received it. In fact, according to Duo Labs, one out of every 200 Android users are still at risk.
If you have the current version Android 6 Marshmallow, the latest patch is typically pushed directly to your phone during the regular updates provided by your carrier. But, if you don’t have the most recent version of Android, you’ll need to take alternative steps for securing your device.
Note: This is an important reminder to protect your Android smartphones with a rock-solid Internet security system. We recommend the FREE Kaspersky Internet Security for Android. Install it now before you run into this problem.
You also get the Premium versions when you get the Kaspersky Total Security suite. It protects up to five gadgets, including PCs, Macs and Android smartphones and tablets, with a single license. Buy it today and get 50 percent off.
Be sure to share this important information with your family and friends before they’re attacked by an Android malware. We’ve made it easy. Just click on any of the social media buttons below.