Advertisement

Google denies Linux flaw is a serious Android security issue

The search giant released a patch anyway, though.

Red Hat and security company Perception Point recently revealed a Linux flaw they say could affect servers, PCs and up to 66 percent of Android phones on the market. The vulnerability directly affects the OS's kernel, and could give attackers a way to gain code execution and take over a device, according to Perception Point. Google, however, fired back strongly at the claim, particularly because it wasn't given the usual window to address the flaw before it was publicly released. "Since this issue was released without prior notice to the Android Security Team, we are now investigating the claims ... [however,] we believe that the number of Android devices affected is significantly smaller than initially reported."

Google said that Android 5.0 and later devices, including its Nexus smartphones, are protected by a new layer of security called the Android SELinux policy, which prevents third-party applications from accessing the code. Furthermore, it said that "many devices running Android 4.4 and earlier do not contain the vulnerable code introduced in Linux kernel 3.8," ruling out a large percentage of older devices. Nevertheless, Google has released a patch that will be required on all Android devices with Google's latest security standards. If you own a recent Android-based smartphone, expect to see the fix pushed to your phone in the coming days.