Researchers have found some holes in Google's Android SDK that could make the software vulnerable to hack attacks. But because commercial Android devices are still months away from hitting store shelves, there's no need to panic.
Core Security published an alert on its Web site on Tuesday stating that it had found eight vulnerabilities related to some open-source image processing libraries in Google's Android SDK, which the group claims are outdated. Attackers exploiting these vulnerabilities could take complete control of Android handsets, the alert said.
It's hardly surprising that some kind of vulnerability would be discovered. And, in fact, it's probably a good thing that groups like Core are discovering problems now. Android, which Google announced in November, is still in beta. Even though several companies showed off prototypes using the Android software at the GSMA Mobile World Congress last month, none of them have built a commercial product yet.
The final version of the software code won't be available until later this year. So Core and other developers and security experts will hopefully find more glitches or problems. That way, Google and the rest of the developer community can fix these problems before the phones hit the market.