A new security report from Trend Micro says that the mobile development industry should be concerned about vulnerabilities in Android devices and the difficulties inherent in patching those devices. It said that 75 percent of Android users were impacted by both the FakeID vulnerability and Android browser flaws, which it said was “a big challenge to developers.”
The report continued, “Take, for one, the FakeID vulnerability that allows apps to impersonate legitimate ones. The Same Origin Policy bypass vulnerability also opens up Android’s default browser to serious risks: attackers could potentially gather data from users who input their information on legitimate Web sites. Although Google has released patches for these vulnerabilities, these donot always reach the majority of users because mobile patch deployments rely on device manufacturer and telecom providers.”
The report added that Android fragmentation exacerbates security concerns.