Google says it has patched exploits used by the CIA
Tuesday saw what might be the most impactful release by WikiLeaks to date. The organization released part of what they called “Vault 7,” which contains thousands of documents supposedly pinning the CIA as creators of malware aimed to hack into household electronics. While the documents haven’t been verified for validity, WikiLeaks has a very strong track record.
The documents accuse the CIA of creating tools that can be used to crack into and monitor smartphones, TVs, and cars, among others. A specific target of these tools is the Android operating system. The tools were developed as early as 2013 and affect versions of Android as far back as 4.0. There are also tools listed that take advantage of exploits in versions of the Chrome browser back to v32.
Android users on the latest build may not have much to fear, though. Heather Adkins, director of information security and privacy at Google, said:
“As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary precautions.”
While this is good news for phones running Android 7.0 and later, most Android phones are on older versions and may still be affected. The leak also detailed tools that could be used to hack into iPhones running older versions of iOS. Apple has stated that the latest version of iOS isn’t vulnerable, and that about 80% of iPhone users are running the most current version.