Security News > 2022 > April > Google’s monthly Android updates patch numerous “get root” holes
If you go off-market, things can get much more dangerous, not least because there are many unofficial Android app stores out there where pretty much anything goes, including some app repositories that deliberately pitch themselves as a handy place to get at software that Google "Doesn't want you to have".
As an aside, you might think that no one would deliberately seek out apps that clearly wouldn't be permitted on Google Play, or that have already been rejected by Google.
These apps are almost always off-market, but the crooks portray this as a strength, not a weakness, with the apps pitched as "Exclusive" precisely because they aren't available for just anybody to download. The risks of root.
Usually, Android apps are locked down so that each app runs as if it were an entirely separate user on the device, in the same way that you might have multiple logins on your laptop to share it with your family.
Even though Google doesn't always keep malware out, the Play Store does have a vetting process that all apps have to go through, as well as a mechanism for keeping installed apps up-to-date reliably.
Which is a lot better than an unknown "Alternative" app store open to anyone to submit any app they like, including apps that have already been rejected by Google itself.
News URL
Related news
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
- Google launches on-device AI to alert Android users of scam calls in real-time (source)
- Google's New Restore Credentials Tool Simplifies App Login After Android Migration (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- Vanir: Open-source security patch validation for Android (source)