Leave a comment

Google releases fixes for major Android security flaws

Google releases fixes for major Android security flaws
image courtesy of shutterstock

By now you're probably familiar with Microsoft's Update Tuesdays. On the second Tuesday of every month, Microsoft releases its performance and security updates for Windows, Office and its other software.

After years of sporadic updates, Google decided to adopt a similar model and release monthly security updates for Android. This month's update fixes a huge 39 vulnerabilities: 15 "critical," 16 "high severity" and 8 "moderate." So, what does that include?

The biggest fix was for a bug that could let a hacker take full control of an Android gadget by gaining root access. We went into detail last month about the bug, how it works and how you can stay safe until you get the patch.

The Android update also fixes problems in the Mediaserver and libstagefright libraries, which are what allow for the scary Stagefright flaws that put millions of Android gadgets at risk. In addition, Google fixed a number of other flaws that could allow hackers to sneak malicious apps onto your gadget.

Obviously, you want to update with the latest security fixes, but that's where things get tricky. Google's Nexus gadgets are getting the update right away. However, when and if you get the update depends on your gadget manufacturer and/or cellular carrier.

While some manufacturers such as Samsung and LG have committed to the monthly updates, they're often running behind. This author's Samsung smartphone is still only updated with the February update.

Some manufacturers provide security updates even more infrequently. Also, these patches are only for Android versions 4.4 and up. If you're running an older version of Android, you're out of luck.

What can you do in the meantime to stay safe? Most of these threats come through malicious apps in third-party stores. As long as you stick with apps in the Google Play store, you should be OK.

Even if you don't frequent third-party app stores, you might get an email or text phishing attack that tries to trick you into downloading and installing the app. You can minimize this risk by going to Settings>>Security and unchecking "Unknown Sources." Your gadget will now refuse to install apps that aren't from the Google Play store.

Next Story
Source: Threatpost
Top Story: Alarming new warning about ransomware (here's what you need to know)
Previous Happening Now

Top Story: Alarming new warning about ransomware (here's what you need to know)

This frighteningly affordable gadget can crack your phone's passcode in hours!
Next Happening Now

This frighteningly affordable gadget can crack your phone's passcode in hours!

View Comments ()