Half of All Android Devices Are Vulnerable to Attack

Android users who do not upgrade their operating systems when new versions become available jeopardize the security of their devices, according to new research from Web security firm Duo Security. That lag in upgrades means that almost half of all Android devices have vulnerabilities that could be exploited by a hacker to assume control of the device.

android device

Duo Security launched a free vulnerability scanning app for Android, X-Ray, last summer, and the preliminary data it collected revealed this troubling trend.

Android users tend to have outdated operating platforms because Android – which has the largest market share of any mobile platform – does not have a uniform timeframe for pushing out updates to its operating system, complete with security upgrades and patches. Instead, each carrier is responsible for pushing the updates out, each does so on its own timeline and users aren’t required to install the updates. Apple, on the other hand, pushes out updates of its iOS to all users at the same time, regardless of their carrier.

Duo Security’s X-Ray app scans Android devices for known vulnerabilities; attackers have targeted Android devices with malicious apps and other exploits for known vulnerabilities for several years.

“Since we launched X-Ray, we’ve already collected results from over 20,000 Android devices worldwide. Based on these initial results, we estimate that over half of Android devices worldwide have unpatched vulnerabilities that could be exploited by a malicious app or adversary,” Jon Oberheide of Duo Security wrote in a blog post about the research results.

Oberheide went on to say that the 50 percent figure might be a conservative estimate, and that the research underscores the importance of installing updates as soon as they become available.

“As carriers are very conservative in rolling out patches to fix vulnerabilities in the Android platform, users’ mobile devices often remain vulnerable for months and even years,” he wrote.

  • Share
  • Pin It

Comments

  1. Matt says:

    Well what are supposed to do about these vulnerabilities? No one will push out updates for free to all android users… and thus why theres aniti-virus malware adware spoofs spam blockers and detectors…

  2. Nasser says:

    “Instead, each carrier is responsible for pushing the updates out, each does so on its own timeline and users aren’t required to install the updates. Apple, on the other hand, pushes out updates of its iOS to all users at the same time, regardless of their carrier.” U sure?

    1. Kaspersky Team says:

      You are right, they are not updating all devices.

      1. John McPherson says:

        Any mobile software available from Kaspersky?

        1. Kaspersky Team says:

          Hi John, Yes we have a mobile security solution that you can find here.

  3. Miche says:

    I bet most android users does not know that side of android’s OS. Its good than info like this has been but out there so they can be informed and aware, wheather they take the most correct steps to remain updated, is entirely upto them. Surely the creators of andriod should be releasing updates and patches readily avalible for users? If not then I suggest they do it

  4. SUBHASH C P says:

    Great News. I am A Great Fan Of Kaspersky. All The Best For Kaspersky Team