Android should become a more secure platform thanks to new bug bounty program for Google apps
Bug bounty programs have become a common way for companies to track down issues with software before they start to cause security concerns for users. While Google has various existing programs of this nature, the company has just launched the Mobile Vulnerability Rewards Program.
Google Mobile VRP is a bug bounty program that focuses on the company's own software. It lets security researchers and software detectives submit reports about Google's Android apps, earning financial rewards for discovering security flaws.
Microsoft researchers discover serious security vulnerabilities in big-name Android apps
The Microsoft 365 Defender Research Team has shared details of several high-severity vulnerabilities found in a mobile framework used in popular apps associated with a number of big names.
The framework is owned by mce Systems, and is used in apps from numerous mobile providers. The apps -- from the likes of AT&T, Rogers Communications and Bell Canada -- are often pre-installed on Android handsets, but they have also been downloaded millions of times. If exploited, the vulnerabilities allow for local or remote attacks, including command injection and privilege escalation attacks.