Android, the operating system of Google, is the most used worldwide in mobile devices, therefore, it is also the most attacked by hackers. Although Google generally publishes a security patch every time a new vulnerability appears in their system, it does not directly depend on them to reach the devices, but that task falls directly on the manufacturers.
It is very easy to check the security level of our device regarding the most dangerous vulnerabilities that have been discovered for this system. The first thing we must do is download and install the application from the Android application store, the Play Store . This application is free and has no limitations, so we should not pay anything to use it to the fullest.
Once installed, we execute it and a window similar to the following will appear:
As we can see, the main window of the application is divided into 3 sections:
Security Patch Status
In this section the program will show us the most serious vulnerabilities detected for Android and will indicate if we are vulnerable to them or our system has the corresponding security patches installed and we are protected.
Apps from Unknown Sources
This section will check if the option to install applications from unknown sources is activated. This option allows us to install applications directly from their .apk files, but we reduce by 99% the general security of the device since practically all malware for Android comes through applications installed from unknown origins.
Masterkey Malicious App Scan
This section will analyze all the applications installed in the system and verify that they have not been modified to impersonate the identity of the original application taking advantage of the well-known masterkey vulnerability.
What to do if our device is vulnerable?
If our device marks any of the vulnerabilities in the first section, we can:
- Wait for the manufacturer to launch the corresponding patch via OTA (may never arrive)
- Install the patches manually (not recommended, it is quite complicated)
- Change the Rom of the system to a more updated one (Cyanogen, for example) that comes with the corresponding security patches.
If we have activated the permission to install applications from unknown sources, we should simply disable this option to protect us from external malware.
Finally, if any of the installed applications is affected by the Masterkey vulnerability and is malicious, the program will indicate it to us and we must proceed quickly with its uninstallation to avoid being victims of the false application.
