Home News Another Android Vulnerability Found That Exposes Device Information

Another Android Vulnerability Found That Exposes Device Information

Sep 5, 2018

We have another Android vulnerability to tell you about in which all of the device information can be exposed. There have been many different security issues and vulnerabilities we have told you about within the past year.

A lot of the time, these vulnerabilities exist because of the lag between Google releasing patching and the updates making it onto Android devices. Nightwatch Cybersecurity is the company that found the latest Android vulnerability that we wanted to tell you more about. Keep reading to learn how this new vulnerability works and how you can protect your Android device information.

Android Device Information Exposed in Latest Vulnerability

With this new security vulnerability, you have end up with your Android device information exposed. That is the warning coming out this week from Nightwatch Cybersecurity. This company just found the new vulnerability in Android.

This is not the first time that we have had to tell you about vulnerabilities in Android, and it actually happens quite often. The biggest issue is that there is so much of a gap between when Google patches vulnerabilities for Android and when those patches are released to devices. Due to the lag in between the two, there are many vulnerabilities that fall between the cracks.

The latest issue does include a fix, but only if you are on the newest Android version. The exposed device information means that someone could easily be spying on you. That is definitely not good news for those running older Android systems like Marshmallow or Nougat. Even Oreo is not out of the woods when it comes to this security vulnerability. Specifically, this vulnerability includes local IP addresses, name of your Wi-Fi network, MAC address, and the BSSID.

New Android Vulnerability Exposes Device Information & More

With all of the device information that could be exposed here, there is a huge risk for an application to be capturing all of these details. That means all or any permissions that would be needed are bypassed, and you might be spied on due to the vulnerability.

If you have Android Marshmallow or above, you do not have to worry about the MAC address being exposed. That is because the API responsible for the MAC address is no longer available after Android 6. All of the other information, such as DNS server information and the Wi-Fi network name, is still able to be captured on Android 6.

Sometimes apps will capture all of these device details for real and legitimate needs. Rogue apps are really the issue here, because those can end up tracking you for nefarious reasons. Once rogue apps collect this device information, then you might end up with sensitive information being disclosed. A malicious app could be running on your Android device and then spy on you using this common vulnerability. All versions of Android besides Android Pie, which is Android 9, are thought to be affected by this vulnerability.

How to Protect Your Device Information from Being Exposed

As for how you can protect your device information in the latest vulnerability issue, the biggest thing is to upgrade. You need to update if you can to Android Pie, which is Android 9. Pie is the only operating system that is not affected by this vulnerability. A lot of device manufacturers and carriers have not released the Android Pie update though. That means you are most likely going to be at risk for quite a while. Even worse, is that this vulnerability impacts other Android systems such as Amazon FireOS.

Google released a fix for this issue a couple months ago, but the fix is only going to those with Android Pie. If you have an older system, then you are not going to see this fix most likely. Google never said it would release a fix for the older operating systems. This could just be to get more people to update to Android Pie, although adoption rates of new operating systems are very slow on Android. The best thing you can do is update to Android Pie, and if you cannot do that, only download apps from trusted sources.