About half of all Android phones contain at least one vulnerability that could be used to take control of the device, according to new research. Duo Security, which launched a free vulnerability scanning app for Android this summer, said their preliminary data from users shows a huge number of the devices are vulnerable to at least one of the known Android flaws. Read More ..
The X-Ray app from Duo scans Android devices for a set of known vulnerabilities in a variety of the Android releases. Many of them are flaws that attackers have used in the last few months. The main issue with Android security and patches is that each carrier is responsible for pushing out new versions of the operating system to its users and they all do it on random timelines. There's no set interval for updates and users don't have to upgrade, so there's a good chance that many users are running older, vulnerable versions of Android at any given time.
And that's exactly what the data Duo collected from the 20,000 devices on which X-Ray is installed shows: There are a lot of vulnerable Android devices floating around out there.
"Since we launched X-Ray, we’ve already collected results from over 20,000 Android devices worldwide. Based on these initial results, we estimate that over half of Android devices worldwide have unpatched vulnerabilities that could be exploited by a malicious app or adversary," Jon Oberheide of Duo Security wrote in a blog post on the results.