Indiana University and Microsoft have explored potentially important and widespread security issues with Android’s update mechanism. Android updates remove or replace thousands of files from the storage of smartphones, while each one has specific attributes and support in its filesystem. A bug is installed when a new update is installed. Researchers named “Pileup”, the parasite malicious app installs in software to replace secure update files.
The team at Researchers identified six pile-up threats in the Android package management source and confirmed their presence in all open source project versions of Android, including more than 3500 rooms that support Android device makers. Are from.
Researchers estimate that a billion Android devices have been potentially affected by the Pileup attack. Google is awaiting a response to this issue. However, it has also been brought to the knowledge that the company has been made aware of this problem and one of the six risks has been eliminated.