• Home
  • Mobiles
  • Mobiles News
  • Android Devices Running Versions Below Android 9.0 Pie Vulnerable to Tracking by Apps: Researchers

Android Devices Running Versions Below Android 9.0 Pie Vulnerable to Tracking by Apps: Researchers

Android Devices Running Versions Below Android 9.0 Pie Vulnerable to Tracking by Apps: Researchers

Researchers say Android devices are vulnerable to the security issue, except those running Android Pie

Highlights
  • Newly discovered Android security flaw can be used to track users
  • The vulnerability can expose details to all the apps in your device
  • Google apparently fixed the flaw with Android 9.0 Pie only
Advertisement

Researchers have pointed out an Android security flaw that apparently exposes details about a user's device to all applications running on the device. Google has provided a fix for it in its latest Android version - Android Pie - but older versions are still vulnerable to the issue, researchers claim. The vulnerability essentially allows apps to move past permissions to get access to information found in system broadcasts. It includes details such as the name of the Wi-Fi network that the Android device is using, the MAC address of the device, local IP addresses, BSSID, and DNS server information. All of this leaves the devices easy to locate and track.

The Android security flaw (CVE-2018-9489) was found by researchers from Nightwatch Cybersecurity, who have warned that the vulnerability can be used to "uniquely identify and track any Android device" and also to "geolocate users". While the advisory mentions all the information that the apps can access, it also states that some of the details such as MAC address are no longer available via APIs on Android 6 and higher. Also, extra permissions are usually required to get access to such information. However, the report adds, by listening to system broadcasts, any app on Android devices can get the information "thus bypassing any permission checks and existing mitigations."

Meanwhile, the report claims that Google has fixed the security flaw with Android 9.0 Pie. Unfortunately, the availability of the final build is currently limited to only Google's Pixel range of smartphones and tablets, and the Essential Phone. A recent report revealed that the share of Android smartphones running Android Pie was less than 0.1 percent in August. The Nightwatch Cybersecurity report says that Google is not planning on fixing this flaw on older versions of the OS.

It is also worth mentioning that not only smartphones with older Android versions are vulnerable to this flaw, but also devices running a forked version of Android are also vulnerable. Devices such as Amazon Fire Phone and Fire Tablets run forked versions of Android.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Google, Android
Facebook Releases fb.gg Android App, Currently Restricted to the Philippines: Report
Asus ZenFone Max Pro M1 FOTA Update Brings Improvements to Selfie Camera, Fingerprint Sensor
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »