Defend what you create

Mehr

Schließen

Meine Bibliothek
Meine Bibliothek

+ Zur Bibliothek hinzufügen

Support

Schreiben Sie uns

Ihre Anfragen

Rufen Sie uns an

+7 (495) 789-45-86

Profil

Janus

CVE-2017-13156

A vulnerability in the Android system which allows cybercriminals to modify the APK applications without changes in their digital signature. The Android architecture implies that all developers must sign their applications. When installing updates, the system checks their digital signature and, if it complies with the current version, the update is installed.

The Janus vulnerability allows to add additional content to the APK application without modifying the digital signature. That’s why cybercriminals can integrate a malicious module into an update of some secure program. This module will be freely installed and launched on a vulnerable device.

If Dr.Web for Android has detected this vulnerability, it is strongly recommended that you contact the device manufacturer to get necessary updates for the operating system.

Technical details

The Janus vulnerability allows to integrate a modified executable DEX file into the APK file, which is an archive. This DEX file does not have influence on the digital signature. In other words, cybercriminals can use Janus to replace the executable file of an application with a malicious copy which has all system permissions of the original file. Only applications that use the digital signature on the basis of JAR, which was replaced with the new technology Signature Scheme v2 in Android 7.0 Nougat, are subject to the vulnerability. In new Android versions, the only vulnerable applications are those not using the latest technology of the digital signature and also programs downloaded and installed not from Google Play. The following Android versions are vulnerable: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0.

See also information about other vulnerabilities

Führender russischer Hersteller von Virenschutzsoftware

Entwickelt seit 1992

Dr.Web wird in mehr als 200 Ländern genutzt

Antivirus im SaaS-Modell seit 2007

Technischer Support rund um die Uhr

© Doctor Web
2003 — 2019

Doctor Web ist ein russischer Entwickler von IT-Sicherheitslösungen unter dem Markennamen Dr.Web. Dr.Web Produkte werden seit 1992 entwickelt.

Doctor Web Deutschland GmbH. Platz der Einheit 1. 60327 Frankfurt