The tweet announced a security alert that would affect more than 2 billion people on Android. It turns out that the message shared on November 21 is somewhat exaggerated.
It is news that has been circulating on Twitter to the extent that it is viewed several tens of thousands of times. Posted on November 21 contains a computer security warning. According to him, more than 2 billion people using a Android smartphone — including 100 million sa A product of the Pixel series — would be endangered.
There is cause for concern when reading about the dangers that await mobile device users: we are really talking about data and file theft, circumvention VPNunauthorized access to the link Bluetoothor even the leakage of geolocation features – which would allow us to know where you are, possibly even at this very moment.
Overview of old flaws
So is this a new, very critical, never-before-seen vulnerability that leaves everyone helpless? Reading the blog post that accompanies the news, definitely not. In fact, this publication seems to mainly deal with seven security flaws, real but almost all fixed.
Cyber attacks: when people are the weak link
The French company Mailinblack enables you to protect your organization and educate your employees in the field of cyber security with U-Cyber 360°.
From a password manager to email security, ongoing training and attack simulations, this solution brings together all the tools to prevent cyber risks.
” It should be noted that if you are reading this, all issues have been resolved as we reported them to Google immediately “, we also read on blog postwritten by Oversecured, a mobile IT security company. In short, Overcured mainly tries to present the technical elements related to these violations.
For example, the problem at VPN allowed apps to be added to the VPN drop list – problematic, sure, but a bug originally reported on June 2, 2023 was fixed on December 1, 2023. As for the Bluetooth issue, the incident was reported on August 18, 2022, then resolved on November 1, 2024.
Overcured also deals with vulnerabilities that are sometimes very old – in its list we find a case that was fixed on June 24, 2021, which is extremely remote in the age of smartphones. In fact, there is only one incident that was not resolved because it was reclassified: it was reclassified from a “severe” severity to a “low” issue.
” The vulnerability was originally classified as “high” but was later downgraded to “low” because Google engineers concluded that it was a development bug. », Recognizes Overcured in his article. In short, Overscured’s tweet appears to be somewhat overwritten — overwritten, that is, exaggerated.
One could say that the message on Twitter borrows from the so-called practice FUD (Fear, uncertainty and doubt), which consists in using an alarming twist to attract attention. Here it could be very useful to ensure the virality of the message and encourage the public to click on the link to find out what it means.
Despite everything, the tweet has the advantage of reminding certain points. First, Android’s market share is huge: it is the world’s first mobile operating system and therefore there really is a population of mobile users numbering in the billions. Android security is therefore an extremely high-priority topic.
It then goes on to remind you how important it is to keep your hardware and software up-to-date. Android, like others, is subject to regular patches, which should not be delayed too much. Some patches are deployed automatically, which means you don’t have to worry about them even when switching from one version of Android to another.