The Android platform has long been criticised for its openness that can lead to it being attacked by malware or other threats, and now Google fixes a worrying Android security exploit that has reportedly been around for years and could affect millions of devices.

There have been claims that a vulnerability has been found in the Android operating system that could allow hackers to alter 99% of apps into Trojan malware, and Google has now stated that the security hole has now been fixed with a patch released to handset manufacturers.

Jeff Forristal of Bluebox security stated that the security hole as been around since at least Android 1.6, and it could affect all Android devices released during the last four years, which means around 900 million devices could be affected by hackers.

The security hole exists in verification and installation process of Android applications, and each of the apps has a cryptographic signature that is used to make sure its contents don’t get altered. Although this security hole allows hackers to alter the content of the apps while keeping the signature intact.

We will now have to wait for handset manufacturers to push out the security update, and it seems that there has been no exploitation of the security hole but at least it has been patched. Most users won’t have too much to worry about if they continue to install applications from Google Play though.

We have reported before how mobile malware was on the increase with Android being the focus of criminal’s attention, but luckily there are a number of applications available to users with some of them being free.

Source: ZDNet.