An estimated 80 percent of Android smartphones and tablets running Android 4.4 KitKat and higher are vulnerable to a recently disclosed Linux kernel flaw that allows hackers to terminate connections, spy on unencrypted traffic or inject malware into the parties' communications.
Even the latest Android Nougat Preview is considered to be vulnerable. The security flaw was first appeared in the implementation of the TCP protocol in all Linux systems deployed since 2012 (version 3.6 and above of the Linux OS kernel) and the Linux Foundation has already patched the Linux kernel on July 11, 2016.
However, the vulnerability (CVE-2016-5696) is now affecting a large portion of the Android ecosystem. According to a blog post published Monday by mobile security firm Lookout, the Linux flaw is present in Android version 4.4 KitKat and all future releases, including the latest developer preview of Android Nougat. This means that 80% of all Android devices in use today, which is nearly 1.4 Billion devices, are vulnerable to attacks, enabling hackers to spy on your communications without even compromising your network via man-in-the-middle-attack.
However, the good news is that the Linux vulnerability is complicated and difficult to exploit, but the risk is there especially for targeted attacks. "While a man-in-the-middle attack is not required here, the attacker still needs to know a source and destination IP address to successfully execute the attack," Lookout stated in the blog post. Windows and Macs are not affected by the vulnerability. According to Google, engineers are already aware of the vulnerability and are "taking the appropriate actions" to fix the issue, a Google representative told. So, it is likely that a patch for Android will arrive soon.
Temporary Mitigation:
- Make sure your Internet traffic is encrypted: Apps you use and Websites you visit should employ HTTPS.
- Use a Virtual Private Network (VPN).
