Skip to main content
  1. Home
  2. Web
  3. Computing
  4. News

Most Android exploits mentioned in the Wikileaks dump have been patched

Add as a preferred source on Google

If you have an Android phone and this week’s revelations about the CIA’s hacking capabilities have you worried, you needn’t be. On Thursday, Google told members of the press that many of the exploits and vulnerabilities mentioned in the report have been patched in subsequent versions of Android.

“As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities,” Heather Adkins, Google’s director of information security and privacy, told ZDNet. “Our analysis is ongoing and we will implement any further necessary protections. We’ve always made security a top priority and we continue to invest in our defenses.”

Recommended Videos

Earlier this week, Wikileaks orchestrated a dump of more than 8,000 classified CIA files pertaining to agency’s cyber warfare efforts. Among the many documents were spreadsheets of stockpiled exploits for Microsoft’s Windows operating system, Apple’s MacOS, iOS, and Android. Vulnerabilities that weren’t purchased from contractors, discovered internally, or available publicly appear to have been circulated by GCHQ, the U.K.’s electronics surveillance agency, and the U.S. National Security Administration

Roughly 24 Android vulnerabilities referenced in the leak, along with specific phones like Google Nexus and Samsung models like the Galaxy S5 and the Note 3. Forbes points out that there are at least 10 remote code execution bugs, critical weaknesses that allow a hacker to run malicious code over the internet. EggsMayhem, an attack developed by the NSA and GCHQ, targets the Chrome browser. An exploit called Sulfur forces Android to leak critical operating system information. And RoidRage malware allows remote control over Android devices.

But the situation is less dire than headlines suggest. Michael Shaulov, head of mobile security at Check Point, told Forbes that there didn’t seem to be evidence of exploits affecting versions after Android 4.4 or the latest version of Android, Android 7 Nougat.

Separately, an analysis by Android development forum XDA Developers found that many of the security holes mentioned in the report relate to older Android hardware and software that is no longer being sold or supported. It noted that at least three of the vulnerabilities referenced in the leaks affect Android 4.3 and below, which is present on only 13.3 percent of Android devices.

Android exploits aren’t the only tools at the CIA’s disposal, of course. The agency has reportedly broken the security of popular chat apps like WhatsApp, Signal, Telegram, Weibo, and others by intercepting messages and photos before they could be encrypted. And the scope of the hack extends far beyond smartphones. The documents made reference to smart TVs and connected cars, many of which remain unpatched.

Apparently, however, Apple devices aren’t at risk. This week, Apple told members of the press that the latest version of iOS contained fixes for the vulnerabilities mentioned in the leak.

Kyle Wiggers
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
How to clear your browser cache in Chrome, Edge, Firefox, Safari, or Opera
A cluttered cache can slow you down and break websites, so here's how to clear it in every major browser in just a few seconds.
How to delete browser cache

A stocked computer cache may be convenient for logging into and out of go-to sites in seconds flat, but a major buildup of these tracking codes could significantly impact your PC’s performance. If you’ve noticed that your PC has been running rather slow of late, or you’re using a new browser and don’t know how to clear its cache, we’ve got you covered with the following guide.

Read more
How to find archived emails in Gmail and return them to your inbox
Archived emails in Gmail are easier to find than you think—once you know where Google hides them
Gmail icon on a screen.

If you’re looking to clean up your Gmail inbox, but you don’t want to delete anything permanently, then choosing the archive option is your best bet. Whenever you archive an email, it is removed from your inbox folder while still remaining accessible. Here’s how to access any emails you have archived previously, as well as how to move such messages back to your regular inbox for fast access.

Read more
Is there a Walmart Plus free trial? Get a month of free delivery
A Walmart sign on the outside of a store.

For regular Walmart shoppers, signing up for Walmart Plus is a no-brainer. It's basically Walmart's version of Amazon Prime, with subscribers unlocking free shipping on most orders, early access to discounts and new product drops (like Nintendo Switch 2 restocks), the best grocery delivery, and more. If you're always taking advantage of Walmart's bargains for the best smart home devices or the best tech products in general, but you're still not sure if you'll be able to maximize the benefits of Walmart Plus, we highly recommend claiming the free trial to the service, and we've got everything you need to know about it right here.

START YOUR FREE TRIAL

Read more