Report: Android exposed a loophole in the millions of users at risk




Company “Rapid 7” published Rapid7 specialized develop digital security tools, and developer of the tool “Mitasploat” Metasploit famous, a report Google Inc., accusing exposing millions of Android users at risk, due to the stoppage of sending security updates to the tool “Web View” WebView devices operating issuing Android 4.3 and below.

WebView tool is programmatic element that allows application developers to show web pages within their applications without having to open it in an external browser. Some applications are built completely depending on the WebView and some of this component is used only within certain parts of the application.

According to the report, Google stopped fix security holes in WebView and the versions of Android 4.3 (Jelly bean) and before, having dispensed with once and for all WebView since version 4.4 (Kit Kat) and replaced it with a new version of WebView based on “Chrome”.

The report states that Google stopped Reload security WebView quietly and without prior notice, after mind that the version of Android 4.3 may become out of date since the company released the latest version Android 5.0. But Rapid company estimated 7 Android phones vulnerable to potential injuries because of the gap by about 930 million phone.

According to Rapid7 the WebView contains many security vulnerabilities that can be exploited by hackers to tamper with users and steal their information and data, including what has already become known gaps, so that the company has provided within the tool security Metasploit being developed, and used by all of security experts and hackers on the extent either.

According to Rapid7 they continued with Google on this issue, and the answer was the company that Android is open source, and that it welcomes the reforms of private security gaps sent by developers and experts in order to add to the Android and media partners in order to update their phones to fill these vulnerabilities, but Google itself completely stopped support for previous versions of Android 4.4. According to Rapid7 reliance on the open source community to resolve gaps and sent to Google’s policy may not be effective enough.

To avoid any potential dangers of security experts advised users of mobile operating issuing Android 4.3 and below not to download applications only from trusted sources and avoid clicking on suspicious links.

It is noteworthy that Google has not officially issued comments on this issue yet.


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »