Just after mobile security startup Bluebox Security went public with details of the "master key" Android vulnerability, security enthusiasts are buzzing over news of yet another security hole. The latest vulnerability was discovered by a Chinese mobile firm, the Android Security Squad.
Details of the new security hole are now available to the public.
The flaw allows an attacker to manipulate a legitimate Android APK into executing malicious code. By modifying an application's .dex file to be a specific size (less than 64 KB), an attacker can possibly instruct the system to skip valid code and instead run malicious code.
The Bluebox Security flaw unearthed by Jeff Forristal works in a similar way, but employs a different approach. Bluebox first notified Google of the attack in February this year, but went public with the details recently, ahead of the Black Hat conference scheduled to start at the end of this month in Las Vegas. Bluebox also developed a free scanner app that lets users find out whether their devices are affected. The security vulnerability has been present in Android for the last four years, and affects all Android handsets with the exception of the Samsung Galaxy S4 (as observed from tests so far).
Bluebox Security Scanner
Google has since sent patches for both vulnerabilities to OEMs. However, OEMs can take months before they release a fix for their specific devices.
Avoid Third Party App Stores
Following the disclosure of the vulnerabilities, Google also banned app updates outside the Play update mechanisms. However, this filter won't help the millions of users who install apps directly from third-party stores.
This means that Android users remain vulnerable to both forms of attack until OEMs release their fixes.
To many users' relief, a new Android tool was released by Duo Security in collaboration with NWU to tackle the problem. The new tool, named ReKey, is available for download in the Google Play store. Although the tool works on most Android devices, it is not without complaints. Some users have complained about their handsets being stuck in a bootloop after installing it. The tool is designed to work on rooted Android devices.
Given all these observations, one has to wonder: where is Android security headed? Google obviously needs to do more with its code reviews and inspections.