Android had a pretty disastrous last year if we talk about security. Millions of devices were exploited by various malware including Rowhammer, Quadrooter, Stagefright, Qualcomm “god mode” bug and a few more. Now, a new report has accentuated the slump period with some numbers which reveal Google’s mobile OS topped the vulnerabilities charts in 2016, followed by Debian and Ubuntu Linux.
According to Mitre’s Common Vulnerabilities and Exposures (CVE) database which documented a total of 10,098 bugs in 2016, Android encountered at least 523 security breaches. The news doesn’t come as a surprise majorly due to how OEMs have continued to ignore the necessity of regular security patches. Additionally, numerous analysts have pointed out significant flaws in Google’s encryption engine. While the latest Android Nougat update has amended a few of those shortcomings, there’s only a minuscule percentage of devices that are powered by it. In comparison, Android’s bugs are more than triple of what iOS faced (which had 161 CVEs and was number 15 on the list).
Apart from Android, though, the statistics disclose that Adobe still leads as a vendor (1383 CVEs) with Flash Player and Acrobat Reader dominating, followed by Microsoft in second place at 1,325, Google third with 695, and Apple fourth at 611. Interestingly, Apple’s MacOS X stands ahead of Microsoft Windows 10 which indeed, comes as a surprise.
As these software and hardware products grew more dependent on networks, ensuring an unprecedented level of security should be a key focus for companies this year. Especially Android which was the victim of severe bugs in 2016 exposing Millions of users. Google does although has a quite generous bug bounty scheme that could get you a sum of a whopping US$50,000 if you can manage remote access of TrustZone or Verified Boot.