What is this vulnerability in NFC?
In Android OS 8 and later, users are not made aware that installing the app might compromise security. Instead, during the file transfer via NFC beaming, they are shown an alert to install. This made them vulnerable to cyber-attacks, and this wasn’t the case in earlier versions.
What is this vulnerability in NFC?How does this affect you?How can you stay safe from this vulnerability?
Once again, here is a heads-up for Android users, but not so serious (maybe). Reportedly, a vulnerability affecting the NFC beaming in Android devices can allow cyber-attacks. While Google has already rolled out a patch for it, not all Android users are safe yet. Earlier, a single option was responsible for the installation of apps from unknown sources. While in Android 8 and later, a dedicated permission control comes with every app.
How does this affect you?
Although this might sound harmless, but it can be very dangerous if used intelligently. In the newer version, Google whitelist all apps that are signed by Google and allow them to install even from an external source. If an attacker sent you a malicious application that is whitelisted and you install them without any security concern.
How can you stay safe from this vulnerability?
While Google has patched the vulnerability in October 2019 Android updates. The bug has been classified as (CVE-2019-2114) as a high severity vulnerability. Hence, the first step is to install the new update. You should also consider not installing any apps from external sources like NFC beams. You can do this by changing the settings in your Android device. This won’t be much of harm, but prevention is better than cure.