Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now
Dublin: 13°C Wednesday 10 August 2022

Google says this Android security flaw isn't as bad as you might think

A recent report suggested that 66% of Android devices were vulnerable to a new security flaw, but Google believes the real figure is lower.

Image: AP Photo/Jeff Chiu

GOOGLE HAS RELEASED a patch designed to fix a potential security issue but claimed that it isn’t as serious as first suggested.

Security company Perception Point found an issue in the Linux kernel, the core of its Android operating system, which would have allowed attackers a way to take over a device.

It said the flaw had “implications for approximately tens of millions of Linux PCs and servers as well as 66% of Android devices“, but there was no evidence that the flaw had been exploited by anyone.

However, Google responded to the report by saying the number of devices that are affected isn’t as great as claimed, and how it didn’t have the usual 90-day window to investigate the flaw before it was publically released.

“Since this issue was released without prior notice to the Android Security Team, we are now investigating the claims made about the significance of this issue to the Android ecosystem,” said Adrian Ludwig of Android’s security team. “We believe that the number of Android devices affected is significantly smaller than initially reported”.

Making a difference

A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article.

Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

For the price of one cup of coffee each week you can make sure we can keep reliable, meaningful news open to everyone regardless of their ability to pay.

Android breakdown Source: Android developers

Ludwig said that both its Nexus devices and Android devices with Lollipop (5.0) or greater are safe since they are protected by SELinux (Security-Enhanced Linux), a security measure that prevents third-party apps from accessing a device’s code. That amounts to a third of all Android devices released (33.3%).

He also said that “many devices running Android 4.4 (KitKat) or earlier do not contain the vulnerable code introduced in Linux kernel 3.8,” suggesting that most Android devices are safe.

Despite that, Google has released a patch that will be implemented on newer Android devices. It’s expected to arrive after 1 March.

Read: Too many tabs open? Here’s how you can snooze them for later >

Read: Amazon says its delivery drones are ‘more like horses than cars’ >

About the author:

Quinton O'Reilly

Read next: