Most Android exploits mentioned in the Wikileaks dump have been patched

google android wikileaks patch
Julian Chokkattu/Digital Trends
If you have an Android phone and this week’s revelations about the CIA’s hacking capabilities have you worried, you needn’t be. On Thursday, Google told members of the press that many of the exploits and vulnerabilities mentioned in the report have been patched in subsequent versions of Android.

“As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities,” Heather Adkins, Google’s director of information security and privacy, told ZDNet. “Our analysis is ongoing and we will implement any further necessary protections. We’ve always made security a top priority and we continue to invest in our defenses.”

Earlier this week, Wikileaks orchestrated a dump of more than 8,000 classified CIA files pertaining to agency’s cyber warfare efforts. Among the many documents were spreadsheets of stockpiled exploits for Microsoft’s Windows operating system, Apple’s MacOS, iOS, and Android. Vulnerabilities that weren’t purchased from contractors, discovered internally, or available publicly appear to have been circulated by GCHQ, the U.K.’s electronics surveillance agency, and the U.S. National Security Administration

Roughly 24 Android vulnerabilities referenced in the leak, along with specific phones like Google Nexus and Samsung models like the Galaxy S5 and the Note 3. Forbes points out that there are at least 10 remote code execution bugs, critical weaknesses that allow a hacker to run malicious code over the internet. EggsMayhem, an attack developed by the NSA and GCHQ, targets the Chrome browser. An exploit called Sulfur forces Android to leak critical operating system information. And RoidRage malware allows remote control over Android devices.

But the situation is less dire than headlines suggest. Michael Shaulov, head of mobile security at Check Point, told Forbes that there didn’t seem to be evidence of exploits affecting versions after Android 4.4 or the latest version of Android, Android 7 Nougat.

Separately, an analysis by Android development forum XDA Developers found that many of the security holes mentioned in the report relate to older Android hardware and software that is no longer being sold or supported. It noted that at least three of the vulnerabilities referenced in the leaks affect Android 4.3 and below, which is present on only 13.3 percent of Android devices.

Android exploits aren’t the only tools at the CIA’s disposal, of course. The agency has reportedly broken the security of popular chat apps like WhatsApp, Signal, Telegram, Weibo, and others by intercepting messages and photos before they could be encrypted. And the scope of the hack extends far beyond smartphones. The documents made reference to smart TVs and connected cars, many of which remain unpatched.

Apparently, however, Apple devices aren’t at risk. This week, Apple told members of the press that the latest version of iOS contained fixes for the vulnerabilities mentioned in the leak.


Think iPhones can’t get viruses? Our expert explains why it could happen

If your iPhone has been acting strangely, then you may be concerned about the possibility it is infected with a virus or some malware. We take a look at just how likely that is and explain why iOS is considered relatively safe.
Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.

Rooting your Android device is risky. Do it right with our handy guide

Wondering whether to root your Android smartphone or stick with stock Android? Perhaps you’ve decided to do it and you just need to know how? Here, you'll find an explanation and a quick guide on how to root Android devices.

Most Android antivirus apps fail to provide malware protection, study shows

A study by AV-Comparatives analyzed the effectiveness of Android antivirus apps in protecting against the 2,000 most common malware threats. Alarmingly, only 23 of the apps were able to detect 100 percent of the malware samples.
Social Media

New Zealand attack shows that as A.I. filters get smarter, so do violators

The shootings in Christchurch, New Zealand were livestreamed to social media, and while stats show networks are improving at removing offending videos, as the system improves, so do the violators' workarounds.

Edit, sign, append, and save with six of the best PDF editors

Though there are plenty of PDF editors to be had online, finding a solution with the tools you need can be tough. Here are the best PDF editors for your editing needs, no matter your budget or operating system.

Firefox 66 is here and it will soon block irritating autoplay videos

Do web advertisements have you frustrated? Mozilla is here to help. The latest version of the browser will soon block autoplaying videos by default and will also help make web page scrolling smoother.
Movies & TV

No TV? No problem. Here's how to watch the Final Four online

Whether you want to watch the Big Dance on your phone or on your smart TV, we have the lowdown on all the ways to watch March Madness you can handle. Grab your foam finger and some nachos.

Patreon is having another go at changing the way it charges creators

Patreon messed up pretty badly the last time it tried to change its payment system. Now it's having another go, though this time the changes mainly affect future sign-ups rather than its current community of creators.

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. But with so many subreddits to choose from, exploring them can be overwhelming. Here are some of the best subreddits to get you started.

Confused about RSS? Don't be. Here's what it is and how to use it

What is an RSS feed, anyway? This traditional method of following online news is still plenty useful. Let's take a look at what RSS means, and what advantages it has in today's busy world.

Don’t be fooled! Study exposes most popular phishing email subject lines

Phishing emails are on the rise and a new study out by the cybersecurity company Barracuda has exposed some of the most common phishing email subject lines used to exploit businesses. 

How much!? British Airways glitch results in $4.2M quote for family vacation

Website errors sometimes cause flight prices to display at way below the correct price. But British Airways recently experienced the opposite issue when it tried to charge a family more than $4 million for a vacation in Mexico.