Several high profile Android apps still have vulnerabilities discovered years ago
0Reported today on TechSpot
For the full article visit: https://www.techspot.com/news/82897-several-high-profile-android-apps-have-vulnerabilities-discovered.html
Several high profile Android apps still have vulnerabilities discovered years ago
Messenger, Instagram and WeChat are among hundreds of unpatched apps
Cutting corners: Research shows that trusting Google to be the best gatekeeper for the Play Store isn't the best idea. The company is putting a lot of effort into finding apps that are malicious or contain severe security vulnerabilities, but usually after letting them into the Store with as little vetting as possible. Experts are calling attention to a new point of attack that can even be used against some of the most popular apps.
Most people use smartphones without worrying about the security of essential apps we use in our daily lives. Google routinely removes apps that are found to contain malware or adware, as well as apps that are crafted specifically to dupe you into paying for subscriptions. And most of us would assume that updating our apps and mobile operating system to the latest revisions means that any potential for security vulnerabilities are reduced to a minimum.
It turns out that isn't the case, even for big name apps. According to a report from cybersecurity firm Check Point, there are tens of vulnerabilities that are found every day, some of them in the apps themselves and others in external shared code libraries that are used by those apps to enable specific features. Updating them to keep up with the most current security threats is a monumental task, so app developers have to prioritize which ones get fixed first.
The researchers decided to take a look at how many apps in the Google Play Store are currently still using vulnerable libraries. They hunted specifically for three vulnerabilities that are rated critical and were disclose