2015 has not been a great year for Android. Android has been surrounded with multiple controversies and to add fuel to all this IBM has found a new vulnerability which is expected to effect 55% of Android users. This new vulnerability is severe and advance users can make the most out of it.
According to IBM security team:
“In a nutshell, advanced attackers could exploit this arbitrary code execution vulnerability to give a malicious app with no privileges the ability to become a ‘super app’ and help the cyber criminals own the device,”
“In addition to this Android serialisation vulnerability, the team also found several vulnerable third-party Android SDKs which can help attackers own apps.”
So, all those users who are into rooting Android devices and do not take any care while installing 3rd party applications are at a serious risk.
The security team of IBM has classified this new vulnerability as CVE-2015-3825 just because it is a major vulnerability found in the core programming of Android. According to the latest update, this vulnerability is found in every Android version since Jelly Bean. This means that around 55% of Android users will be effected by this vulnerability.
IBM team also added:
“The single vulnerable class that we found in the Android platform, OpenSSLX509Certificate, was enough to take over the device using our attack technique,”
This is a serious vulnerability and hackers can use simple applications to exploit it and gain full control over your Android smartphone. This puts your personal information and data at serious risk.
However, we have not heard any official statement from Android. If in case we get anything we will update our post.