Antivirus company Symantec announced the discovery of a new vulnerability in the operating system Android, allowing inject malicious code into legitimate applications, and it does not disrupt their digital signature.
According to the corporation, which means that even experienced users will not be able to say with absolute probability, infected application or not.
As you know, Android-applications must be digitally signed, which certifies the immutability developer code. Also in this system is the permissions at the application level: the users themselves should resolve the software somewhere to perform any operations. A digital signature confirms the permanence of code given rights to the application.
Discovered vulnerability in Android allows to hide malicious code within a legitimate program and, using the provided access rights to perform critical, from the user point of view, the action.
At present, the information about the vulnerability is available on the Internet and use it very easily.
Experts recommend that users of Android-devices that want to protect themselves from the infected applications that use the vulnerability to install mobile antivirus Norton Mobile Security, regular updates which “provide reliable protection against all current threats.”
Read another very interesting article about alternative energy of the Sun, water and air.