Government issues high-security risk warning for Android users; How to stay safe from Android risks
The Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued a "high" security risk warning for Android phone users. On its official website, CERT warns against "multiple vulnerabilities" and if not mitigated, attackers can gain access to the phone and access sensitive information. So far, the only solution seems to be to update apps directly through the Play Store. Users should also check if an Android OS update is available.
The magnitude of the risk can be huge, as Android vulnerabilities affect users with smartphones running Android 11, Android 12, and Android 13. Users using tablets and foldable devices running the Android 12L-based operating system also are at risk. The CERT warning says, "Multiple vulnerabilities have been reported in Android which could allow an attacker to gain elevated privileges, obtain sensitive information, execute remote code or cause denial of service conditions on the target system."
Speaking more about the flaws, the website notes, "Multiple vulnerabilities exist in Android due to flaws in Framework, System, Google Play system, Qualcomm components and Qualcomm closed-source components. Successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, execute remote code or cause denial of service conditions on the target system."
The risk can potentially affect millions of users in India as the country has a large Android user base. According to Statista, Android had a 95.26 per cent share of the mobile operating system market in India in 2022.
How to stay safe from these Android risks?
As mentioned, the only way forward seems to be to keep your phone updated. First of all, make sure all the apps on your phone are running the latest versions. Additionally, users can check for pending operating system updates. Although the steps to check for available updates may vary slightly on different Android phones, you can navigate to "Settings" and search for "Android Updates." That should help.
While the new vulnerabilities are system-related flaws, users are also generally advised to use applications from trusted developers. Also, do not download apps from third-party online stores.
Notably, CERT-In had issued a similar warning in August 2023. At that time, Android flaws were affecting Android 13 phone users in India. The crashes were also caused by issues in the framework, Android runtime, system components, Google Play system updates, kernel, Arm components, MediaTek components, and closed-source components from Qualcomm.