Security News > 2022 > April > Google’s monthly Android updates patch numerous “get root” holes

If you go off-market, things can get much more dangerous, not least because there are many unofficial Android app stores out there where pretty much anything goes, including some app repositories that deliberately pitch themselves as a handy place to get at software that Google "Doesn't want you to have".

As an aside, you might think that no one would deliberately seek out apps that clearly wouldn't be permitted on Google Play, or that have already been rejected by Google.

These apps are almost always off-market, but the crooks portray this as a strength, not a weakness, with the apps pitched as "Exclusive" precisely because they aren't available for just anybody to download. The risks of root.

Usually, Android apps are locked down so that each app runs as if it were an entirely separate user on the device, in the same way that you might have multiple logins on your laptop to share it with your family.

Even though Google doesn't always keep malware out, the Play Store does have a vetting process that all apps have to go through, as well as a mechanism for keeping installed apps up-to-date reliably.

Which is a lot better than an unknown "Alternative" app store open to anyone to submit any app they like, including apps that have already been rejected by Google itself.

News URL

https://nakedsecurity.sophos.com/2022/04/05/googles-monthly-android-updates-patch-numerous-get-root-holes/