Tens of thousands of smart phone buyers every day chose Android handsets for their price and the availability of applications.
The variety of phones and apps is what draws them to the Google mobile ecosystem. But Android’s flexibility is also a weakness — the number of versions of the OS released, the ability of handset makers and carriers to customize it means Android is less secure than other platforms.
That’s the main reason why a number of enterprises won’t let staff touch Android — and why Samsung Electronics has come up with its own solution, the Knox mobile management platform.
According to LinuxInsider, the bug lets attackers modify Android apps into Trojan apps with out breaking their APK signature key.
The latest version of Android, 4.2, verifies that downloaded apps are malware-free. But that doesn’t cover earlier versions.