Good news for Android users: the scary business of the Android vulnerability discovered by Bluebox Security may finally be at an end. According a ZDnet report, it appears that Google has found a fix for an Android security hole that potentially allowed attackers to convert roughly 99 percent of Android applications into malware.
The vulnerability was first noticed by researchers from BlueBox Security on July 4. According to BlueBox, the vulnerability in Android’s security model allowed attackers to convert the majority of Android applications into a trojan. The vulnerability has apparently existed since the release of Android 1.6 and could potentially affect any Android mobile device released over the last four years (roughly 900 million devices).
Hopefully the fix that Google has released to its OEM partners will put this issue to rest once and for all. Unfortunately the fix is only going out to Google’s partners, meaning that regular users will have to wait until their manufacturers can release an official software patch.
In the interim, Google’s Android Communications Manager, Gina Scigliano, told Mashable that users need not panic. “We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools,” she said. “Google Play scans for this issue — and Verify Apps provides protection for Android users who download apps to their devices outside of Play.”