Short Bytes: Last week, we reported about the serious TCP flaw in Linux kernel that can hijack Linux devices in 60 seconds. Now, according to a report by security firm Lookout, the same flaw also affects around 1.4 billion Android devices. It’s expected that Google will release a fix for the same in the upcoming Android release. For the time being, Android users are advised to use encrypted apps and VPN.
This flaw first appeared in all Linux kernel versions between 3.6 and 4.7. If left unnoticed, this flaw facilitates a range of blind off-path TCP attacks with a success rate of 90%. The first vulnerable Linux kernel version was also used to create the Android KitKat.
“If you’re running an enterprise mobility program, a number of Android devices are potentially vulnerable to a serious spying attack,” said Andrew Blaich, a security researcher from Lookout.
The security firm found that a patch for the Linux kernel was pushed by the Linux Foundation on July 11, 2016. However, when the latest developer preview of Android Nougat was checked, the kernel wasn’t patched against this flaw. It makes perfect sense if we assume that the patch was not available to the older versions.
Well, carrying out this attack is not easy as the source and the destination IP addresses are required. But, this might not be a problem for the attackers who have a privileged access to the network, like ISPs and governments.
VPN and encryption can protect Android users
The Lookout team recommends the use of encrypted apps, HTTPS, and VPN to defeat this flaw. If you are a technical user, the Lookout team has something more for you:
A Google representative has told Ars that they are already aware of the vulnerability and taking required actions. Google has also termed the flaw ‘moderate’, as opposed to ‘high’ or ‘critical’.
Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.