Company said it has shared patches for the flaw with device manufacturers
An application that allows users to gain full control of Android devices is taking advantage of a security flaw in the core Linux kernel that has remained unpatched in Android since it was discovered two years ago.
The bug was originally fixed in the Linux kernel in April 2014, but it was not flagged as a vulnerability until February 2015, when its security implications were understood and it received the CVE-2015-1805 identifier. Even then, the fix was not carried over to Android, which is based on the Linux kernel.
It was only on February 19 that security researchers from C0RE Team notified Google that the vulnerability could be exploited on Android to gain privileged access.
Google had started working on a patch that was scheduled to be included in a future monthly update, but on March 15, researchers from the security company Zimperium warned the company that the vulnerability was being used to gain root access to the system.
Rooting refers to the process of removing the security restrictions that Android normally enforces on third-party applications, giving full control over the device.
The method is used by operating system enthusiasts to unlock functionality that is not normally available on their devices, but it can also be exploited by malware.
For this reason, rooting tools are not allowed on Google Play, and their installation is detected and blocked locally by the Verify Apps scanner built into Android.
“Google confirmed the existence of a rooting application that abuses this vulnerability on the Nexus 5 and Nexus 6 to provide the device user with root privileges,” Google said in a security advisory.
While this particular rooting tool is not classified as malicious, there is a danger that cybercriminals could exploit the same vulnerability to spread malware.
Google has shared patches for the flaw with handset manufacturers and has also published them on the Android Open Source Project (AOSP) for versions 3.4, 3.10 and 3.14 of the Android kernel. Versions above 3.18 are not available.
The company plans to include the patches in its monthly updates for Nexus devices starting in April. Meanwhile, users are advised to download applications only from Google Play and to enable Verify Apps. Devices that are listed with the March 18 security patch this year are already protected.