Serviceteam IT Security News

Over its five-year lifetime, the Android Application Security Improvement Program helped over 300,000 developers to fix more than 1,000,000 apps on Google Play, Google says.

The program was launched to help the Android ecosystem thrive by helping developers improve the security of their applications and eliminate vulnerabilities from them.

Through this initiative, Google scans all applications submitted to the official storefront to determine if a variety of vulnerabilities are present. Should any issues emerge, the Internet giant then alerts the developer and helps them address the issues. 

This allowed the Internet giant to fix over 1,000,000 apps since the Application Security Improvement Program’s launch. Last year, the program helped over 30,000 developers fix over 75,000 apps, the company says. 

“The downstream effect means that those 75,000 vulnerable apps are not distributed to users with the same security issues present, which we consider a win,” Patrick Mutchler and Meghan Kelly, Android Security & Privacy Team, note in a blog post

The program covers a large variety of problems in Android applications, including vulnerabilities in certain versions of popular libraries, and other issues with broader impact. 

The Internet search giant says it also focuses on improving existing checks and expanding them to cover more classes of security vulnerabilities, to ensure the program evolves to cover emerging exploits. 

Last year, it added warnings for SQL Injection, File-based Cross-Site Scripting, Cross-App Scripting, Leaked Third-Party Credentials, Scheme Hijacking, and JavaScript Interface Injection. 

“Think of it like a routine physical. If there are no problems, the app runs through our normal tests and continues on the process to being published in the Play Store. If there is a problem, however, we provide a diagnosis and next steps to get back to healthy form,” Mutchler and Kelly note. 

Related: 18,000 Android Apps Violate Google’s Ad ID Policies: Analysis

Related: Bug in Twitter Android App Exposed Protected Tweets

Source: infosec island

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!