A newly discovered flaw in Google’s Android platform is capable of disabling and corrupting anti-virus software installed on the device.
According to an article on ZDNet, the flaw resides in a component of Android that can be exploited to disable anti-virus app and even corrupt and turn it into another malicious application.
The flaw was reported by security firm Privateer Lab, whose founder, Riley Hassell claims the flaw exists in a ‘popular component’ of Android. He did not reveal which popular component as he has yet to speak to Google about the vulnerability.
The malicious apps can be uploaded to the Android Market for users to download, as they are not checked before they are available to customers. Once the unsuspecting user downloads the malicious app, the app, exploiting the vulnerability in Android, is capable of disabling the anti-virus protection.
The malware can also exploit the vulnerability to corrupt the anti-virus app and turn it into malware, which can then be used to steal personal information from the user.
“This is a tough problem to solve and it needs to be solved as an [Android] community,” said Hassell.