Security News > 2023 > February > Android 14 to block malware from abusing sensitive permissions
A highlighted security feature in Android 14 is to block the installation of malicious apps that target older API levels, which allows easier abuse of sensitive permissions.
Starting with the "Runtime receivers," which enable apps to receive intents broadcast by the system or other applications, all apps targeting Android 14 must declare if they need to receive information from other apps or if they should be limited to system "Broadcasts."
To further tighten up the information exchange between apps and prevent malware from gripping sensitive user data, Android 14 will also restrict the sending of "Intents" that don't have a specified recipient.
Finally, Android 14 will block the installation of harmful apps that target SDK versions lower than 23 to achieve easier permissions abuse.
In Android 6.0, Google introduced a runtime permission model that required apps to request the user to grant permission access requests for sensitive operations like the device's camera, microphone, GPS sensors, phone calls, and SMS access upon the app's launch.
Google says older apps already installed on devices that upgrade to Android 14 will continue to work.
News URL
Related news
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Android malware found on Amazon Appstore disguised as health app (source)