Security research firm Palo Alto Networks has revealed the existence of a vulnerability in Android versions 4.2 and older (currently running on 42.5 percent of devices) that allows an attacker to modify or replace an Android app with malware at the time of installation, without the user's knowledge.
Dubbed a Time-of-Check to Time-of-Use (TOCTTOU) vulnerability, it was first discovered in January 2014 and reported to Google soon after. The Android security team has since released a patch for Android versions 4.3 and above, but older Android versions remain vulnerable.
According to Palo Alto Networks, once installed, a malicious app can get full access to the compromised device, including usernames, passwords and other sensitive data. If your Android device runs Android 4.3 or above, you have nothing to worry about; however, Palo Alto Networks has noted that some Android 4.3-based ROMs may also be affected, as they don't include the patch released by Google. You can check whether your Android 4.3 device is safe by installing and running this scanner app from Google Play.
What to do if your device is running Android 4.2 or below:
- Always download apps from trusted sources such as Google Play or the app's official website
- If you use the Amazon Appstore, make sure you have the latest version of the Appstore app
You can read about the technical nitty-gritty of the vulnerability and how it impacts Android devices at the Palo Alto Networks website.
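As an added illustration of the check-then-use gap the article describes (this is example code written for this page, not Palo Alto Networks' research code or Android's real installer), the toy Python installer below reads a package from a shared location to show its permissions, then reads the same path again to install it; a second version stages the file in a private directory first and verifies that the bytes it installs are the bytes it reviewed. The package format and the "permissions" it carries are constructed stand-ins.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed stand-ins for package files; a real installer parses the manifest,
# but the check/use gap is the same whatever is parsed.
BENIGN_APK = b"APK;permissions=INTERNET"
HOSTILE_APK = b"APK;permissions=INTERNET,READ_SMS,SEND_SMS"

def parse_permissions(data):
    """Toy manifest parser: the permission set declared in the package."""
    return set(data.split(b"permissions=", 1)[1].decode().split(","))

def vulnerable_install(apk_path, between=None):
    """Check-then-use on a shared path: permissions are shown to the user from
    the file, then whatever is at that path later is installed. 'between'
    simulates another process rewriting the file inside that window."""
    reviewed = parse_permissions(apk_path.read_bytes())   # time of check
    if between:
        between()
    installed = parse_permissions(apk_path.read_bytes())  # time of use
    return reviewed, installed

def hardened_install(apk_path, between=None):
    """Stage the package in a private directory first; the review and the
    install both read the staged copy, and a hash ties the two reads together."""
    staged = Path(tempfile.mkdtemp()) / "base.apk"   # writable only by the installer
    shutil.copyfile(apk_path, staged)
    data = staged.read_bytes()
    digest = hashlib.sha256(data).digest()
    reviewed = parse_permissions(data)                    # time of check
    if between:
        between()
    data = staged.read_bytes()                            # time of use
    if hashlib.sha256(data).digest() != digest:
        raise RuntimeError("package changed between review and install")
    return reviewed, parse_permissions(data)

def simulate_race():
    """Run both installers while the shared file is swapped during the window."""
    shared = Path(tempfile.mkdtemp()) / "update.apk"  # stands for a shared, writable location
    shared.write_bytes(BENIGN_APK)
    vuln = vulnerable_install(shared, lambda: shared.write_bytes(HOSTILE_APK))
    shared.write_bytes(BENIGN_APK)
    return vuln, hardened_install(shared, lambda: shared.write_bytes(HOSTILE_APK))
```

In the vulnerable path the user approves INTERNET but the package that lands on the device declares the SMS permissions as well; the hardened path installs exactly what was reviewed, and would refuse if even the private copy had changed.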