According to ZDNet, “It doesn’t get much scarier than this. Bluebox Security claimed to have discovered a vulnerability in Android’s security model that could allow attackers to convert 99 percent of all applications into Trojan malware. Google has told ZDNet that the hole has been patched and that it has been released to original equipment manufacturers (OEM)s.”
Bluebox Security CTO, Jeff Forristal, says that the Master Key flaw has been “around at least since the release of Android 1.6, [and] could affect any Android phone released in the last four years — or nearly 900 million devices.”
Android Communications Manager at Google, Gina Scigliano, confirms “that a patch has been provided to our partners – some OEMs, like Samsung, are already shipping the fix to the Android devices.”
She adds, “We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools. Google Play scans for this issue – and Verify Apps provides protection for Android users who download apps to their devices outside of Play.”
Wondering when your OEM will roll out the patch? We’ll keep you posted once we hear anything official from the OEMs.
Check out our website for more prices and deals on the Samsung Galaxy S4 white.