Wednesday, July 10, 2013

UPDATE: Android "Master Key" Security issue

Some updates on the Android "Master Key" issue brought up by Bluebox Security.

Per THIS article at TechCrunch, Google has patched the issue.

HOWEVER, before anyone starts to think this is over, keep in mind this means that Google has created a patch and given it to their partners.  THEY then need to test this patch with their released versions of Android for their devices (and realize that this issue goes back to earlier versions of Android which most manufacturers are no longer patching).  And THEN they will release the patch to the carriers so they can test it before its released.  This isn't like Windows Update.

As noted, most of the manufacturers are only maintaining the newer versions of Android they've released (usually just Jelly Bean), so who knows what this means for those stuck at prior versions.

Also, Bluebox has created a scanner that will tell you if you Android device is vulnerable.  I thought THIS article was a pretty good response to that news.

3 comments:

  1. Thanks for providing recent updates regarding the concern, I look forward to read more http://www.firstsecurityservices.com

    ReplyDelete
  2. HOWEVER, before anyone starts to think this is over, keep in mind this means that Google has created a patch and given it to their partners. THEY then need to test this patch with their released versions of Android for their devices. server room protection

    ReplyDelete