FYI...
Installer Hijacking Vulnerability in Android Devices
- https://www.us-cert.gov/ncas/current...ndroid-Devices
March 24, 2015 - "A vulnerability in Google's Android OS* has been discovered that could allow an attacker to change or replace a seemingly safe Android application with -malware- during installation. An attacker exploiting this vulnerability could access and steal user data on compromised devices without user knowledge. Devices running Android version 4.4 or later are -not- vulnerable. US-CERT advises users to ensure their devices are running an up-to-date version of Android and to use caution when installing software from third-party app stores."
* http://researchcenter.paloaltonetwor...rs-to-malware/
March 24, 2015 - "Executive Summary: We discovered a widespread vulnerability in Google’s Android OS we are calling 'Android Installer Hijacking', estimated to impact 49.5 percent of all -current- Android users.
In detail: Android Installer Hijacking allows an attacker to modify or replace a seemingly benign Android app with malware, without user knowledge. This only affects applications downloaded from third-party app stores. The malicious application can gain full access to a compromised device, including usernames, passwords, and sensitive data. Palo Alto Networks worked with Google and major manufacturers such as Samsung and Amazon to inform them of the vulnerability and issue patches for their devices..."
____
- https://developer.android.com/about/...rds/index.html
Data collected during a 7-day period ending on March 2, 2015
___
Backup Tool
> https://play.google.com/store/apps/d...=com.backup.jl
Jan 15, 2015
How to Update an Android
> http://www.wikihow.com/Update-an-Android
How to update an Android OS
> http://www.ehow.com/how_6855334_update-android-os.html
> https://www.android.com/intl/en_us/phones/#tips
"*Instructions are tailored to most Android phones; however should these instructions not work for your device, please contact your manufacturer’s customer support..."
> https://www.android.com/intl/en_us/history/
___
Half of Android devices may be vulnerable to surreptitious install exploits
- http://arstechnica.com/security/2015...word-stealers/
Mar 25, 2015 - "... Time-of-check to time-of-use vulnerability*..."
* https://en.wikipedia.org/wiki/Time_o...to_time_of_use