Lookout Security experts have discovered a dangerous vulnerability that threatens 80% Android-smartphones (1.4 billion units). It allows you to capture data and to remotely install malicious software, according to the company’s website.
The vulnerability of the Linux kernel under the number CVE-2016-5696 has been demonstrated in early August.Android is also threatened – a problem typical for devices running Android 4.4 KitKat and above.
A security hole allows users to capture network traffic and obtain personal information. In addition, it can help to implement in the boot and a web page malicious software, to interrupt the connection to the Tor and other similar networks, conduct of DoS-attacks, etc.
What to do
According to experts, the vulnerability does not eliminate the early release of a new version of Android or 7 major upgrade to Android 6. In the meantime, to avoid attacks, you can only use the HTTPS-connection with TLS or VPN. If you have root access to Android (root-access), you can use sysctl tool and use it to set the value net.ipv4.tcp_challenge_ack_limit at 999999999 or another large number – this will not solve the problem, but would complicate hacking.
If you are more technically inclined, you can check if your device is vulnerable by running from an adb shell the following command: sysctl net.ipv4.tcp_challenge_ack_limit if the number reported is less than 1,000 (1,000 is the new number in the patch) your Android device most likely does not contain the necessary patch.
The good news is that hackers to attack each device will need at least a minute of time, so it is unlikely hacks are unlikely to be massive.
Let your friends know about a new dangerous vulnerability! Click on one of the buttons below to share news in social networks ↓