Android phones come with pre-installed vulnerabilities

0

A new study made by security firm Kryptowire states that Android Phones are coming with pre-installed vulnerabilities that could impact smartphone users in a severe way. This Virginia based startup which offers Mobile Enterprise Security solutions says that such vulnerabilities don’t require a user to download malicious apps as they come already installed on the Smartphone.

Kryptowire research says that almost all major smartphone suppliers like Asus, Samsung, Sony, Xiaomi, LG and Nokia are offering apps filled with vulnerabilities that are hard to remove.
 
The study was a part of the security company’s service of the automated discovery of vulnerabilities and exploit generation research and development program, partially funded by the Department of Homeland Security (DHS).  Thus, as a part of this program, the company scanned android devices from more than 29 vendors( from entry-level to flagship companies) and discovered that almost all phones come pre-loaded with apps filled with proof of concept exploits- that can be exploited by hackers in near future.

Kryptowire discovered that most of the devices came with apps that had exploits such as command execution, wireless settings modification, dynamic code loading, and audio recording features.

Samsung has reacted to the issue and said that the vulnerable apps notified by Kryptowire have already been smartly protected. The company assured that as these apps come deeply buried in the OS systems, removing them is not possible. But protecting them in a smart way is possible and has already been done.