Security bug leaves older Android devices open to attack
A security vulnerability on Google’s Android OS has exposed users’ text messages, call histories and other sensitive data for the past five years.
The security firm FireEye has released a blog post detailing how it affects smartphones running Android 4.3 Jelly Bean as well as earlier versions of the OS. The bug, which has been indexed as CVE-2016-2060, allows apps to access sensitive user data by taking advantage of Android’s permission system.
All of the Apps on Google Play request permission from their users regarding whether they are able to use the system’s camera or have access to the device’s contacts. By exploiting the bug, an app could gain access to much more personal information than it ought to be.
The mobile chipmaker Qualcomm first released this bug into the wild when it created a set…
Read the entire article from ITProPortal here: Security bug leaves older Android devices open to attack