Jump to content

Most Android users running outdated security patches: report


CrAKeN

Recommended Posts

android-logo-generic-hai.jpg

 

Most Android phones are don't have the latest security patch -- despite efforts by Google to distribute software fixes monthly via phone carriers -- researchers at Skycure found.

 

A cybersecurity company found that 71 percent of Android users on major US carriers are easy targets for hackers.

 

Chances are, your Android phone would be easy pickings for hackers.

 

That's according to research released Thursday by cybersecurity company Skycure, which found that 71 percent of Android phones on the five major US carriers haven't been patched with the latest security updates. That could be because users haven't installed updates, or because they haven't received them from carriers.

 

The report highlights the risks posed by not updating smartphones, and the challenges Google faces in delivering security updates to Android users.

 

Why should Android users be worried about staying up to date on their security updates? In the hacking world, security updates show bad guys all the ways that phones, computers or other devices can be compromised. For example, an Android security update in December patched a flaw nick-named "Dirty Cow" that could have let hackers get root privileges -- essentially the keys to the kingdom -- on an Android phone.

 

So if you don't (or can't) update, hackers can build tools to break into your phone. Patching makes these hacking tools useless.

 

"Malware, network attacks and advanced exploitation campaigns many times depend on unpatched vulnerabilities to be successful," Yair Amit, co-founder and chief technical officer at Skycure, said in a statement.

 

The carriers in the Skycure study are T-Mobile, MetroPCS, AT&T, Verizon and Sprint. T-Mobile (which merged with MetroPCS in 2013) didn't immediately provide a comment. Sprint, Verizon and AT&T didn't immediately respond to requests for comment.

 

Google declined to respond to the Skycure report, but a spokesman pointed to its report published Wednesday on Android security, which gave details on the company's efforts to distribute monthly Android security updates. These updates have to first go to carriers like those listed in the Skycure report before they can be sent to users' phones.

 

"We released monthly Android security updates throughout [2016] for devices running Android 4.4.4 and up -- that accounts for 86.3 percent of all active Android devices worldwide," members of the Android security team wrote in a blog post about the report on Wednesday. The report also said the company improved its ability to stop dangerous apps from getting onto the Google Play store and then to users' phones.

 

But Android acknowledged there was "a lot of room for improvement" in its security update process. "About half of devices in use at the end of 2016 had not received a platform security update in the previous year," members of the Android security team wrote in their blog post.

 

Source

Link to comment
Share on other sites


  • Views 503
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...