New vulnerability affects all Android versions prior to Oreo
Researchers have announced a new high-severity security vulnerability affecting the Android operating system.
All versions prior to Android 8.0 Oreo – the most recent update – are vulnerable.
Palo Alto Networks Unit 42 researchers found some malware that exploits certain vectors, but they said they are not aware of any active attacks against this particular vulnerability at present.
Since Android 8.0 is a relatively recent release, this means that nearly all Android users should take action today and apply updates that are available to address this vulnerability.
The researchers found a vulnerability that can be used to more easily enable an “overlay attack,” a type of attack that has already been encountered on the Android platform. An overlay attack is when an attacker’s app places a window over – or “overlays” – other windows and apps running on the device.
This can allow an attacker to convince the user they are clicking one window when, in reality, they are actually clicking on another.
According to the Palo Alto Networks researchers, the new vulnerability affects an Android feature known as Toast. Toast is a type of notification window that ‘pops’ (like toast) on the screen and is typically used to display messages and notifications over other apps.
Overlay attacks can also be used to give malicious software total control over the device. In a worst-case attack scenario, this vulnerability could be used to render the phone unusable, known as ‘bricking’ it, or to install any kind of malware, including ransomware or information stealing.
According to the researchers, this vulnerability could be used to take control of devices, lock devices and steal information after it is attacked.
An overlay attack can also be used to create a denial of service condition on the device by raising windows on the device that do not go away, which is what ransomware attackers do with devices.
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.