it.ucsf.edu

Security Update:Almost 1/2 Android Users Vulnerable to Being Hijacked

Status Type

Security Update

Date and Time

Tuesday, March 24, 2015 - 16:33

Reason

Security Update

Impact

Android Users

WHAT HAPPENED?

A widespread vulnerability in Google’s Android operating system, named Android Installer Hijacking, which is reported to affect 49.5% of all current Android users, was recently discovered.

The vulnerability exploits a flaw that allows attackers to hijack the installation process of a seemingly safe third-party Android application and replace it with a malware-infected app of the attacker's choosing.

Advanced Users: For a complete description of the vulnerability, refer to Palo Alto Networks Android Installer Hijacking Vulnerability Could Expose Android Users to Malware at http://researchcenter.paloaltonetworks.com/2015/03/android-installer-hij....


AFFECTED SYSTEMS:

  • Android versions 4.3 and earlier

 

WHAT'S THE PROBLEM?

Users who think they're accessing legitimate applications with approved permissions may instead be exposed to data theft and malware.


HOW DO I PROTECT MY COMPUTER?

Update your software

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your device, check with your device’s manufacturer for updates.



RELATED LINKS