Android users take note! IBM researchers just discovered a security flaw that could give hackers access to some very important security information on your gadget. This is really scary for those of you that use your smartphone for banking services or to store confidential information.
The vulnerability resides in the Android KeyStore, a highly sensitive region of the Google-made operating system dedicated to storing cryptographic keys and similar credentials, according to an advisory published this week by IBM security researchers. By exploiting the bug, attackers can execute malicious code that leaks keys used by banking and other sensitive apps, virtual private network services, and the PIN or finger patterns used to unlock handsets. The advisory said Google has patched the stack-based buffer overflow only in version 4.4, aka KitKat, of Android.
The researchers originally reported that the flaw affected all Android users without version 4.4, which is over 86 percent of users! It turns out the flaw only affects the 10.3 percent of users with version 4.3.
To check what version you're using, go to Settings>>About Phone and check the Android version.
Hackers can't use this flaw to steal your information unless they have an app installed on your gadget. Android also has some pretty advanced software protections to prevent them from ever accessing the KeyStore.
The best way to stay safe is to be careful what apps you download and never download apps outside of the Google Play store. You should also have security apps installed.
Even with protections in place, it is always smart to avoid downloading questionable apps. Your smartphone carries around a lot of important information, so you can never be too safe.