Overnight a number of warnings have gone out to the Security Community about a new CRITICAL security flaw in Android.
The new flaw is named “Dirty Stream” and allows malicious apps to easily hijack legitimate apps.
Currently there is very little protection from this flaw until Google releases a security patch and app developers release updated versions of their apps.
SecureSphere is expecting that Google will move quickly to release a security patch for this flaw and that app developers will quickly release updated versions of their apps with this flaw fixed.
However, there are a couple of easy things users can do to help to protect themselves in the meantime.
1.) Limit the number of apps installed on a phone and/or tablet.
- The idea behind this is the fewer apps you have, the less likely that one of them may turn out to be malicious. Before installing any new app, first ask yourself whether or not you actually need it.
2.) Ensure that Google Play Protect is enabled and set to do regular scans of your phone and/or tablet.
- Google Play Protect works by scanning both your existing apps and any new ones you download for malware.
NOTE: This security flaw has been seen being abused in the wild in a number of apps and it is currently unknown how many apps are currently vulnerable, which means that this flaw impacts multiple apps with hundreds of millions of installs across the globe.
It should also be noted that older model Android phones and tablets may not be getting updates from Google and/or their phone manufacturer and these devices will continue to be vulnerable to this CRITICAL security flaw and other known MAJOR and CRITICAL security flaws. SecureSphere strongly advises that these devices should be retired and replaced with newer models that are getting regular updates from Google and/or their phone manufacturer.
If you would like help with making sure that your Android devices (phones and/or tablets) have Google Play Store installed and enabled and that Google Play Protect is also enabled and set to scan your phone and/or tablet on a regular schedule, or would like to discuss retiring an older model Android device and replacing it with a newer model device, please feel free to get in contact with us.