Security News > 2020 > December > Android apps with 250M downloads still vulnerable to patched bug
Roid apps with over 250 million downloads are still susceptible to a severe vulnerability in a Google library that was patched in August 2020.
In August, mobile app security company Oversecured discovered a vulnerability in the Google Play Core Library that allowed malicious applications to execute code in legitimate apps.
Researchers from Check Point Research have discovered that there are still apps with millions of installs using the vulnerable library over three months later.
"Since the publication of this vulnerability, we started monitoring vulnerable applications. During the month of September 2020, 13% of Google Play applications analyzed by SandBlast Mobile used this library, and 8% of those apps had a vulnerable version," Check Point Research stated in their report.
As you can see, all of these apps have at least 1 million downloads, with one as high as 100 million downloads.