On March 18, Google announced an Android Security Advisory regarding a security patch for its flagship Nexus devices. You can read about that release here. This issue will be addressed in the near future by Google in a security update. The advisory was released before the update because of information about the vulnerability potentially being actively abused on Android.
The offending application was never available for installation via Google Play Store and is now blocked for installation outside of the Play Store by Verify Apps.
VMware AirWatch security has been able to confirm that our compromise detection is able to detect if a device has been rooted with the methods used to exploit this Linux kernel.
AirWatch recommends that you practice healthy mobile security hygiene and ensure that devices that connect to the enterprise and access enterprise data are secure by following these simple recommendations:
1. Enable root detection on all Android devices. This can be done by connecting to the AirWatch Enterprise Mobility Management (EMM) console and …
2. Limit the devices in your organization that can run in “developer” mode to only those that need to run in this fashion.
3. Encourage users to download applications from trusted application stores, like the Play Store, where Google blocks malicious apps through a number of steps, including Verified Apps, Malware Scanning, Manual Review and more.
4. Educate your end users on the importance of running the most recent versions of mobile operating systems and updating all related security patches as they become available.
5. Consider integrating some of our Mobile Security Alliance (MSA) partner solutions to provide additional levels of mobile security.
AirWatch is committed to bringing you enterprise-secure solutions and will update this article if new information becomes available from Google or any of our trusted MSA partners.
Because you liked this blog: