ParseDroid vulnerabilities threatened most Android development tools

ParseDroid vulnerabilities threatened most Android development tools

By | December 11th, 2017
No Comments on ParseDroid vulnerabilities threatened most Android development tools

A collection of vulnerabilities known as ParseDroid put users of popular

Android development tools at risk.


														
							

Research from Check Point has discovered several vulnerabilities in downloadable and cloud-based Android development tools which all Java/Android programmers use to build their companies business applications. Even security analysts and reverse-engineers use some of the affected softwares to conduct their work.

The vulnerabilities were found to affect the most common Android IDEs including Google’s own Android Studio, JetBrains’ IntelliJ IDEA, and Eclipse. Popular reverse-engineering tools for Android that were affected include APKTool, the Cuckoo-Droid service, and others.

Check Point notes how WikiLeaks leaked information as part of its ‘Vault 7’ release on how the CIA and NSA exploited vulnerabilities

Since discovering the vulnerabilities, Check Point informed the affected software makers of the problems. Google and JetBrains have verified and acknowledged the security issues and have since “effectively deployed a fix.”

The full technical analysis can be found here.

Source

Google
Nisheeth Bhakuni