Even Updates Don't Make Your Apps Safe, Says Study
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
If you own a mobile phone and use popular social networking applications, you are potentially exposed to the risk of getting your personal information breached. A study by Check Point Research has found that even the latest versions of apps such as Facebook, Instagram and WeChat hosted on the Google Play Store are open to security vulnerabilities.
“Even long-since fixed vulnerabilities can be critically important, as outdated code can find its way into even the most popular apps,” said Check Point.
Their research showed that potential threats can still execute code on the latest version of several mobile apps on the Play Store, notwithstanding the updates and subsequent patches that the developers have pushed.
The research firm said it checked the latest versions of popular applications for three known remote control execution vulnerabilities from 2014, 2015 and 2016.
An additional vulnerability was found on the Instagram app. Facebook notified the firm that Instagram wasn’t impacted by the same and a patch had been in place since it surfaced.
The firm clarified that the research was on the security of an app on the Google Play Store and did not focus on a specific vulnerability in a specific app.
Check Point said: “Just three vulnerabilities, all fixed over two years ago, make hundreds of apps potentially vulnerable to remote code execution. Can you imagine how many popular apps an attacker can target if he scans Google Play for a hundred known vulnerabilities?”
What Can Be Done?
These findings come on the back of rising voices around data privacy and the apparent lack of it in the digital world.
WhatsApp has recently found itself in the middle of massive backlash for multiple breaches on its platform while parent company Facebook and founder Mark Zuckerberg continue to face criticism for their handling of user data.
And while Check Point’s findings doesn’t zero in on any single app or company, they are still a major cause of concern.
“Mobile app stores and security researchers do proactively scan apps for malware patterns, but devote less attention to long-known critical vulnerabilities,” the firm said and concluded that there’s not much the end user - the consumer - can do to keep their mobile device fully secure.