“The vulnerabilities can remain on devices for months or even years because carriers are very conservative in rolling out patches to fix bugs in Android, mostly because it is expensive to develop, test and implement an update,” said Jon Oberheide,chief technology officer, Duo Security in an Android OS report.
“Since we launched X-Ray, we’ve already collected results from over 20,000 Android devices worldwide. Based on these initial results, we estimate that over half of Android devices worldwide have unpatched vulnerabilities that could be exploited by a malicious app or adversary,” Oberheide said in a blogpost.
Duo Security has come up with a mobile application named X-Ray that monitors vulnerabilities on Android devices. The application is programmed to identify known, yet unpatched, vulnerabilities in the device, which could be exploited by cyber criminals to take full control of device. At the United Summit conference in San Francisco, Oberheide will provide more details of his research.