Half of all Android phones are still vulnerable to a massive privacy bug – here’s how to protect yourself
Software update delays are an inevitability because of the way the Android ecosystem is built, but these delays aren’t just an annoyance for Android users — they can be dangerous. A bug was discovered by security researcher Rafay Baloch in early September, and it caused Android’s stock web browser to fail to enforce same origin policy (SOP), which is a protocol that governs how browsers securely load content from multiple sources. The bug impacted all pre-KitKat devices, and it was patched fairly quickly by Google.
But because it takes so long for handset makers and carriers to test and distribute Android updates, a new study has determined that nearly half of all Android phones are still affected by the bug.
FROM EARLIER: ‘Fake ID’ security flaw could be the greatest threat to Android phones yet
As noted by ZDNet, Rapid 7 security researcher Todd Beardsley described the bug as a “privacy disaster,” making it so that “any arbitrary website (say, one controlled by a spammer or a spy) can peek into the contents of any other web page.”
According to the security experts at Lookout, the bug still affects about 45% of Android phones and tablets running Lookout software. This is likely a very good gauge, as Lookout’s software is currently in use on more than 100 million devices.
“We believe our userbase offers a good look at how Android users overall are being affected by vulnerabilities such as this one,” Lookout’s Jeremy Linden and Meghan Kelly wrote in a blog post. “Our country-by-country data reveals some surprising stats about where people are most vulnerable. Japan is the most vulnerable with 81% of Lookout users in the region with the unsafe browser installed. Spain takes second place with 73%. Phones in those regions may receive updates less frequently, thus they are more likely to be vulnerable. The U.S., on the other hand, has a lower risk because the average age of phones is also much lower. Therefore, fewer of them are vulnerable.”
As noted by Lookout, here are the steps you should take to protect yourself:
Here are instructions on how to install the Chrome browser on your Android device*:
More from BGR: This month’s most exciting Android announcements may come as soon as next week
This article was originally published on BGR.com
Related stories
Google is testing out a sweet way for you to preview Android apps before buying them
BlackBerry is still beating Android and Windows Phone where it matters most
This month's most exciting Android announcements may come as soon as next week
