The Android platform for smart phones has proved to be a money spinner for its handset manufacturers with sales going up exponentially. However, some or the other vulnerability keeps cropping up from time to time, dampening the success to an extent. The latest one is the futex liability that affects all Linux kernels used by Android. This was recently used to successfully root a device like Galaxy S5 for the very first time.
Earlier threat still looms large
How does the vulnerability help attackers?
That is not all. The attacker can even merge this kind of an execution attack with one of the many privilege escalation threats or liabilities that have been affecting the different Android versions. They can then run root commands so that they can get total control over such gadgets.
Google implements the fix
The issue stems from the fact that in order to ensure compatibility with a wider spectrum of gadgets, ad frameworks and other apps are being developed against pretty low API versions. The consequence is also that such an app becomes vulnerable even as it is running on fully patched devices of Android versions 4.2, 4.4 and 4.3.
The overall stats do not look perturbing at 13% of apps being possibly susceptible to attacks. But since apps are all not created equal with some very popular than others, the more in demand ones can affect a large user base and that is something Google must fix at the earliest.