Android ‘crowned’ most vulnerable product of the year 2016


Android 'crowned' most vulnerable product of the year 2016

If the data from the central repository of vulnerability is to be believed, Google’s Android OS turned to be the most vulnerable product of the year 2016. The year turned to be the busiest year till now for Android patch developers. Security researchers identified a huge number of Android vulnerabilities in the year 2016. The total of 523 vulnerabilities was identified with diverse criticality. Android OS was followed by Debian Linux OS and Ubuntu Linux respectively on 2nd and 3rd in the chart.


In the year 2008, when the Android OS has released the Google, it took the mobile world by storm. HTC Dream was the first phone to wear Android OS as a platform. Android based phones fascinated the mobile lover with its tremendous features, always-on Internet, music on fingertips and much more.

We have seen android from Froyo to Lollypop and now Nougat. The features have been increased by miles and so is the bugs – the vulnerabilities – something with may cause android mobile to be hacked. As per the various data obtained from Common Vulnerabilities and Exposures (CVE) Directory, there is a sharp increase in the vulnerability trend for Android in the year 2016.

It was the year 2008 when Android OS based mobiles came live, the same year just a single vulnerability found after security testing. Now with the technological advancement, the vulnerability in Android has also gone up significantly. If we believe the central repository data, by the year end of 2015, 125 numbers of vulnerabilities were found in the Android OS.

The things changed drastically in 2016 when we saw a huge increase in the number of Android vulnerabilities. As per the data, as many, as 523 vulnerabilities were recorded that means around 400% up from 2015, which is a huge margin.

Vulnerabilities by year

Some of the reported vulnerability were so critical that, it could lead complete disclosure of personal information residing on the vulnerable Android smartphone. The vulnerabilities, when exploited, could result in the entire system being compromised. Few of the vulnerability reported in 2016 eliminates the need for authentication when exploited which is more critical than anything else and hence rated 10.0 out of 10 on the criticality scale by CVE. Exploiting such vulnerability is much easier as the hacker don’t need the user credential to run any code.

It was not only the Android vulnerabilities that kept patch developer and security researchers busy in 2016, security researchers discovered a significant number of Android application which were malicious in nature and disclosing user’s personal information.

Recently, researchers identified multiple malicious Android application disguised itself as Super Mario Run. The application was nothing but malware identified as a threat to personal information safety.