Unpatched Android Flaw Lets Apps Gain Full Access Even With Zero Permissions [Security Issue in Android Lets Apps Take Full Control of Smartphones & Tablets Even Without Asking for Permissions; All Versions, Even Ice Cream Sandwich Vulnerable]
The user is usually the best line of defense against malware in any computer system. After all, it’s the smartphone or tablet user who downloads apps and gives authorization when the app wants access to the phone’s hardware and operating system. But a flaw in Android lets apps gain access to features even without users allowing it.

Android is perhaps one of the least secure mobile operating systems, if only because of its openness. Unlike Apple, Google does not enforce strict screening and review for apps submitted to Android Market. Still, Google has been proactive in removing and killing apps that are found to contain malware, such as those that steal information from smartphones, send SMS messages to premium numbers, or eavesdrop on conversations.
Most of the time, it’s the users who are responsible for malware infections, particularly when they download an errant app or grant privileges to secure areas of the mobile OS. However, a flaw in Android lets applications gain full privileges even without the user granting access. Researchers from ViaForensics have proven that Android’s security system can be bypassed, giving shell access to an application by tunneling through apps that do have permissions, such as the Android web browser.
According to Thomas Cannon, R&D director with ViaForensics, the vulnerability has existed for some time now, although the flaw has not yet been patched. He has demonstrated the vulnerability using a test .APK that masquerades as a game. Android versions 1.5 onwards are said to be vulnerable. The security researcher has also found other flaws in Android, including storing unencrypted files from the Email app to external microSD storage, and storing Google Wallet transaction details in an unencrypted database file.
While users wait for Google to patch the flaw, virtually any application could be the source of an attack, even if a user does not explicitly authorize access. As such, it would be a good idea to install apps only from trusted sources. You can check out the video below for a demonstration of the vulnerability.
