Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.


Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence


Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
News18 » Tech
1-min read

Facebook And Instagram For Android Are a Security Nightmare With Unpatched Vulnerabilities

In a month-long study, Check Point Research found vulnerable code on Facebook and Instagram even after they had received security patches.


Updated:November 22, 2019, 10:00 AM IST
facebookTwitter Pocket whatsapp
Facebook And Instagram For Android Are a Security Nightmare With Unpatched Vulnerabilities
Image for Representation

Check Point Research said it has found the latest versions of some of the most famous apps in the world on Google's Play Store, including Facebook and Instagram, to have vulnerabilities that were believed to have been patched earlier. The research shows that threat actors can still execute code on the latest versions of mobile applications on Play Store, despite the updates those mobile apps have pushed to people. In short, threat actors can gain administrative control over the mobile applications studied by Check Point Research. Theoretically, hackers can steal and alter posts on Facebook, extract location data from Instagram and read SMS messages in WeChat, said the research.

In a month-long study, Check Point Research cross-examined the latest versions of these high-profile mobiles for three known remote control execution (RCE) vulnerabilities dating from 2014, 2015 and 2016. Each vulnerability was assigned two signatures. Then, Check Point Research ran its static engine to examine hundreds of mobile applications in Google's Play Store to see if old, vulnerable code was present in the latest version of the application. Check Point Research found vulnerable code, which was claimed to patched, present in the latest versions of the popular mobile application.

For now, Check Point urges people to install an antivirus-app that monitors vulnerable apps on the phone. "Mobile app stores and security researchers do proactively scan apps for malware patterns, but devote less attention to long-known critical vulnerabilities. Unfortunately, this means there's not much the end-user can do to keep his mobile device fully secure," said the research. Check Point Research said it informed the applications as well as Google about the vulnerabilities.

The revelations come amid a snooping controversy that hit WhatsApp after Israeli spyware Pegasus exploited a vulnerability in the messaging platform, affecting 1,400 select users globally, including over 100 in India.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: Chhavianshika Singh
Read full article
Next Story
Next Story

facebookTwitter Pocket whatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results