Underlying security flaws from code copied from code libraries are in thousands of apps, according to new research from cybersecurity firm CheckPoint. Wired reported that it is causing big problems on Android.
“There are a lot of vulnerabilities out there in applications,” says Yaniv Balmas, head of cyber research at Check Point. “Some of these vulnerabilities are not specifically in applications, but they are found in code libraries. Modern applications use dozens or hundreds of these libraries to operate.” Code libraries (often known as software libraries) allow developers without expertise in specific areas, such as Java Script, to use code that’s already been created. Researchers at Check Point say they have identified existing code libraries that contained vulnerabilities and then compared them to apps scraped from the Play Store. The company says it regularly checks Android apps for its security teams to look for current threats.
Check It Out: Lots of Android Apps Contain Old Security Flaws