Recently a new security hole was found in the Android kernel by security firm BlueBox Security. The vulnerability opens up a hole that allows hackers to change mobile applications' codes without breaking the cryptographic signature that is used to verify and an app's legitimacy.
In layman's terms, the security issue could give hackers free reign to transform any app into malware. This means that even apps such as the official Google Play Store app could be reconfigured as a virus. BlueBox says that this problem has existed since at least Android 1.6 and that almost every modern Android device in use today is susceptible to the attack.
Users don't need to fear as Google has identified and solved the problem and has sent out a security patch to its OEM partners that should permanently close the hole once and for all. Unfortunately, there are literally hundreds of OEMs out there and, let's face it, many of them are not quick to publish updates to their core operating systems. Samsung device owners appear to be the first to get the update and we're sure the other large manufacturers will follow suit shortly.