Discover the vulnerability and tips to combat Android FakeID

Rooting lately we feel that when we talk about Android is to deliver bad news or alert the user . He has appeared a new security risk in Android called FakeID, but we’re not limited to just talk about the vulnerability, but we will give you tools so you can at least fight.

Going slightly in detail, “FakeID” is the name that has been given to a bug in the plugin webview of Adobe Systems performing privilege escalation. FakeID therefore allow malicious applications to impersonate trusted applications without notifying recognized user . This can bring a wide range of consequences, for example, can be used to escape the sandbox system and insert a Trojan within an app masquerading as Adobe Systems, get access to NFC for Google Wallet supplanting payments or get the taking total control of the device identity 3LM.

Affected Devices

Given that the vulnerability has existed since 2010 in Bluebox Labs conclude that affects all Android devices , including those running the last article of the green robot version of the operating system.

Device users specific manufacturers which include extensions for managing terminal are at risk of partial or total infection . The 3LM extensions are present in several smartphones from HTC, Pantech, Sharp, Sony Ericsson and Motorola, and are therefore susceptible to infection as well.

Discover what is the vulnerability and how to combat Android FakeID

Fighting vulnerability

The first is whether our device is vulnerable. To do this, we must download the Bluebox Security Scanner from the Google Play Store -tea leave the link at the end of article-. If the scanner detects that your device is vulnerable, then we have to download the fix has been developed for Xposed Framework, also you will find the download link at end of article-.

Once you have downloaded the file, installed it in the usual way. After that, we go to Xposed Installer and activate the module . As we have enabled, restart the terminal to apply the changes and it will be done. The module has no configuration options, just a screen that gives some information regarding the same.

We are talking about a serious vulnerability that, as always, should not be taken lightly. If you follow the instructions we gave you should be able to patch the vulnerability in minutes.

Bluebox Security Scanner | Google Play Store

FakeID fix | Google Play Store