#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 18°C Monday 18 October 2021

Google says this Android security flaw isn't as bad as you might think

A recent report suggested that 66% of Android devices were vulnerable to a new security flaw, but Google believes the real figure is lower.

Image: AP Photo/Jeff Chiu

GOOGLE HAS RELEASED a patch designed to fix a potential security issue but claimed that it isn’t as serious as first suggested.

Security company Perception Point found an issue in the Linux kernel, the core of its Android operating system, which would have allowed attackers a way to take over a device.

It said the flaw had “implications for approximately tens of millions of Linux PCs and servers as well as 66% of Android devices“, but there was no evidence that the flaw had been exploited by anyone.

However, Google responded to the report by saying the number of devices that are affected isn’t as great as claimed, and how it didn’t have the usual 90-day window to investigate the flaw before it was publically released.

“Since this issue was released without prior notice to the Android Security Team, we are now investigating the claims made about the significance of this issue to the Android ecosystem,” said Adrian Ludwig of Android’s security team. “We believe that the number of Android devices affected is significantly smaller than initially reported”.

Android breakdown Source: Android developers

Ludwig said that both its Nexus devices and Android devices with Lollipop (5.0) or greater are safe since they are protected by SELinux (Security-Enhanced Linux), a security measure that prevents third-party apps from accessing a device’s code. That amounts to a third of all Android devices released (33.3%).

He also said that “many devices running Android 4.4 (KitKat) or earlier do not contain the vulnerable code introduced in Linux kernel 3.8,” suggesting that most Android devices are safe.

Despite that, Google has released a patch that will be implemented on newer Android devices. It’s expected to arrive after 1 March.

Read: Too many tabs open? Here’s how you can snooze them for later >

Read: Amazon says its delivery drones are ‘more like horses than cars’ >

About the author:

Quinton O'Reilly

Read next: