Audit Your Android Devices
Recently, there are some famous vulnerabilities on Android devices from Android 4.x to 5.x. Since not all the vendors of Android device will release the fixes, you can inspect your devices to see if they are vulnerable or not. If they are vulnerable, you can use it with care or change to other devices which have been fixed the vulnerabilities.
VTS for Android is an open source project which can scan for the following current vulnerabilities :
ZipBug9950697
Zip Bug 8219321 / Master keys
Zip Bug 9695860
Jar Bug 13678484 / Android FakeID
CVE 2013-6282 / put/get_user
CVE_2011_1149 / PSNueter / Ashmem Exploit
CVE_2014_3153 / Futex bug / Towelroot
CVE 2014-3847 / WeakSauce
StumpRoot
Stagefright bugs
x509 Serialization bug
PingPong root - CVE-2015-3636
By the way, we should also beware of the adware too. Some adware can auto-root your Android devices and they are almost impossible to remove. For details, please refer to this article.
source : http://ins-cyber.blogspot.com
