Recently, some Android security researchers have found a vulnerability called “Fake ID Bug” in Android operating system that affects all Android versions from 2.2 Froyo to 4.4 KitKat. This vulnerability exists in the digital certificate verification mechanism of Android using which any app can pretend to be a digital certified valid app. This can be used by apps for masquerading as valid apps from well known companies. For example, a malicious app can pretend to be the Adobe Flash Player app using the “Fake ID bug” vulnerability. Google says that if you are using the latest versions of Google Play Store and Google Play Services in your Android smartphone, then you are protected from the “Fake ID Bug”. Although these Google apps are automatically updated in Android, you can still perform a little maneuver to initiate the update to the latest version of Google Play Store. Here is how:
- Open Google Play Store in your Android smartphone by tapping on its icon. The icon is sometimes on your home screen, but you also find it in the all apps section.
- In the Google Play Store, swipe the screen from the left edge to the right to open the menu. You can also press the menu-button on your Android device to the same effect. Choose Settings from the Play Store menu.
- At the end of this Settings menu, you would find the Build number of the Google Play Store installed in your smartphone. You have to tap on this once to initiate the update.
- If you are already using the latest version of Play Store, then you will be shown a message that reads – “Google Play Store is up to date”. If you are using an older version, then it will start downloading the updating the latest version.
Although using the latest version of Google Play Store protects you from the “Fake ID Bug”, you should refrain from download the APK files from unknown third-party sites and use an antivirus app for an extra layer of protection.