Home Technology App Security Improvement Alerts Android Devs of 6 New Vulnerabilities – BleepingComputer

App Security Improvement Alerts Android Devs of 6 New Vulnerabilities – BleepingComputer

13 min read

Google announced the addition of six extra vulnerability warnings to the Application Security Improvement (ASI) program after previously announcing updates for the Google Play Protect, the built-in malware protection for Android.

Google’s ASI program is a service designed to detect potential security issues in apps uploaded by Android developers to Google Play to help them build more secure products.

When a vulnerability is found in an Android app submitted to the Google Play store, developers are warned through the Google Play Console and receive a detailed remediation procedure to remove the security issue, and an associated remediation deadline in some cases.

ASI helped developers fix over 1,000,000 apps

On the other hand, if no issues are found during the Application Security Improvement automated scan, the app submission process goes along as usual, with the app only having to go through the normal testing procedure before being published on the Play Store.

Currently, the Application Security Improvement program is running 24 warning campaigns with an associated deadline for remediation and 7 warning-only campaigns with no remediation deadline.

Out of the 24 that come with a remediation deadline active in the ASI program, six new security vulnerability classes were added by Google during 2018:

As detailed by Android Security & Privacy Team’s Patrick Mutchler and Meghan Kelly:

Over its lifetime, the program has helped more than 300,000 developers to fix more than 1,000,000 apps on Google Play. In 2018 alone, the program helped over 30,000 developers fix over 75,000 apps. The downstream effect means that those 75,000 vulnerable apps are not distributed to users with the same security issues present, which we consider a win.

Two days ago, Google also announced updates in the Google Play Protect malware scanning engine which runs in the background looking for malicious apps and, as the company says, protecting over 2 billion devices every day.

According to Google, Google Play Protect will now be enabled by default for all Google Play users, and will also show a warning whenever Android users open a new or rare app or launch a potentially harmful app.

While Google’s efforts to make the Play Store safer each year are more than laudable, it’s safe to say that there’s a long way to go until users will no longer have to fear getting infected with malware, having sensitive info stolen or ads pushed onto their devices by miscreants.

Let’s block ads! (Why?)

Source link

Check Also

Johnson & Johnson Recalls Baby Powder Over Possible Asbestos Contamination – Gizmodo

Loading...   Photo: Getty Images Johnson & Johnson announced a voluntary rec…