Android Jelly Bean, Kit Kat vulnerable to security flaw

New Android vulnerability gives cybercriminals the chance to monitor conversations after being rerouted from the VPN.

Published Mon, Mar 3 2014 1:33 AM CST   |   Updated Mon, Oct 19 2020 8:15 PM CDT

A new flaw was recently found in the Google Android Jelly Bean and Kit Kat OS flavors, with the "critical flaw" compromising the virtual private network (VPN) in the Android OS.

Android Jelly Bean, Kit Kat vulnerable to security flaw | TweakTown.com

Compromised devices allow cybercriminals to monitor communication after VPN traffic is sent to a different network address.

The flaw, which was found in India, can be successfully remedied by installing updates from OEM manufacturers, the CERT-In team says. Installing anti-virus and anti-malware protection on the device should help add additional layers to prevent Android exploits from causing problems.

"A critical flaw has been reported in Android's (virtual private network) VPN implementation, affecting Android version 4.3 and 4.4 which could allow an attacker to bypass active VPN configuration to redirect secure VPN communications to a third party server or disclose or hijack unencrypted communications," said the Computer Emergency Response Team of India (CERT-In).

An experienced tech journalist and marketing specialist, Michael joins TweakTown looking to cover everything from consumer electronics to enterprise cloud technology. A former Staff Writer at DailyTech, Michael is now the West Coast News Editor and will contribute news stories on a daily basis. In addition to contributing here, Michael also runs his own tech blog, AlamedaTech.com, while he looks to remain busy in the tech world.

Related Tags

Newsletter Subscription

Latest News

View More News

Latest Reviews

View More Reviews

Latest Articles

View More Articles