Last week security researchers announced a serious vulnerability in the Android OS. The vulnerability exposed a method for attackers to compromise most of the Android devices on most carriers throughout the US. Anyone that hasn’t yet implemented Mobile Device Management (MDM) for corporate networks should pay attention! The issue isn’t new – it’s been around since Android 1.6. Attackers can exploit the method that Android OS uses to validate app installs. Applications can be modified without changing the security signature of the installation package.
It’s important to take action quickly to implement mobile device security! The technical details of this exploit will be released at the Black Hat 2013 security conference on July 27th. Once the details are released it will be a short-matter-of-time before the vulnerability is targeted against commercial enterprise.
If you’d like to read more, check out the technical information here