Android's Fake ID Could Put Millions in Jeopardy

An Android vulnerability that exists in every version from v2.1 Eclair to v. 4.3 Jelly Bean could expose millions of users, Bluebox Security has warned. The flaw lets attackers fake the certificates of specially privileged parties, such as Adobe and Google Wallet, and serve them up with malware that bypasses detection by Android. Attackers then can take over every application running on an Android device. The flaw, which BlueBox calls -- what else? -- "Fake ID," also might impact Android forks, including Amazon's Fire OS.



from TechNewsWorld http://ift.tt/1qmwZcY