A flaw that was previously discovered in the Android operating system’s Linux kernel is now believed to impact four in five devices, an estimated 1.4 billion Android devices.
The vulnerability allows an attacker to take over a device’s internet traffic through a TCP connection, enabling secure connections to be exposed in nearly 80 percent of all activated Android devices across the globe.
According to Hacked, not only can attackers utilize the security flaw to obtain unencrypted traffic but also destroy encrypted traffic.
“We can estimate then that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack or 79.9 percent of the Android ecosystem,” security firm Lookout explained in a blog post.
Despite the fact that a patch was released on July 11, the latest version of the operating system does not include it. Lookout suggested that timely fixes be released until all Android devices have their Linux kernels updated.
“We are not aware of PoCs exploiting this new vulnerability and anticipate Google will patch in the next Android monthly patch. In the meantime, we will continue to monitor for exploits,” the advisory from Lookout continued.
The most recent flaw was discovered by Perception Point earlier this year, and the cybersecurity firm indexed it as CVE-2016-0728. Not a new mistake — the bug has reportedly been around for almost three years, since Linux kernel version 3.8 was released in 2013. The company recently developed a proof-of-concept exploit and reported the flaw to developers who maintain the kernel.
The exploit of said flaw involves an attacker using local access to servers to gain total root access. On a phone running Android 4.4 KitKat or later, an attacker could implant malware that could then be used to take over most of the phone’s functions.