Recently, Google reported that there is a serious security hole in Android (from versions 7 to 9) that allows an attacker to hack your device just by viewing a booby-trapped PNG image.
The security hole is very serious because viewing images is a very common thing you do all the time: from surfing websites, viewing emails to receiving messages and so on. A hacker can placed a booby-trapped PNG image in websites, emails, apps, messages, documents, etc. If your Android device is not patched, the act of viewing the image alone can allow the hacker to commandeer your device.
Here’s what you need to do to check if your Android device is vulnerable:
- Open your device’s Settings app .
- Near the bottom, tap About phone
- Check if your “Android security patch level” is set to either 1st February 2019 or 5th February 2019 or later.
If your Android security patch level is set to before that date, then it is vulnerable. If it is vulnerable, tap on “System updates” to check if there’s any security updates available.
What if your Android device is vulnerable and security updates from your manufacturer is not forthcoming?
Unfortunately, a lot of Android device manufacturers are not diligent in protecting their customers by providing timely security updates. Worse still, some manufacturers do not bother at all. If the manufacturer of your Android device is not forthcoming in providing security updates, you should seriously consider voting with your feet and switch to different Android brand manufacturers that takes their cybersecurity responsibility seriously. Ideally, you should get your Android device directly from Google because you can be assured that security updates will be available as soon as Google releases them.
Sadly, the reality is that a lot of older Android devices will never be patched. By implication, in the months and years to come, a lot of Android users will be victims. So, we can expect more horror stories in the months ahead.