A Linux bug revealed earlier this month also potentially puts up to 80 percent of Android devices at risk, according to security firm Lookout.
The TCP vulnerability—revealed by researchers from the University of California, Riverside and the U.S. Army Research Laboratory—“allows an attacker to remotely spy on people who are using unencrypted traffic or degrade encrypted connections.”
Since Android is based on the Linux kernel, any Android-based device running Linux kernel 3.6 is affected, Lookout said this week. Android devices running version 4.4 KitKat or above—about 80 percent of all Android devices, according to data from Statista—are therefore at risk, it estimates.
“The issue should be concerning to Android users as attackers are able to execute this spying without traditional ‘man-in-the-middle’ attacks, through which they must compromise the network in order to intercept the traffic,” according to Lookout.
Still, Lookout said the flaw is of “medium severity,” since exploiting it isn’t easy. A patch was released on July 11, but “checking the latest developer preview of Android Nougat, it does not look like the Kernel is patched against this flaw.”
As a result, “if you’re running an enterprise mobility program, a number of Android devices are potentially vulnerable to a serious spying attack,” Lookout said.
For now, Lookout recommended that users encrypt communications and use HTTPS connections whenever possible. On rooted Android devices, the device's configuration can also be modified to reduce exposure to the flaw.