Here’s why updating apps may not always keep your Android phone safe

If you think using the latest Android version and keeping all your apps updated will keep your Android phone safe from malware attack then you may be wrong. According to a report by Check Point Research, long-known vulnerabilities may persist even in apps recently published on Google Play store.
“If you have a mobile device, you know how important it is to keep the core operating system and all installed apps up to date. It comes as a shock to discover that these precautions are of no help when the app maintainers neglect to incorporate security fixes into their versions of popular components. Keeping track of all security updates in all external components of a sophisticated mobile app is a tedious task, and it’s no surprise that few maintainers are willing to expend the effort,” said Slava Makkaveev of Check Point Research.
Mobile apps typically use dozens of reusable components written in a low-level language such as C. These components, called native libraries, are often derived from open-source projects, or incorporate fragments of code from open-source projects. When a vulnerability is found and fixed in an open-source project, its maintainers typically have no control over the native libraries which may be affected by the vulnerability, nor the apps using these native libraries, it explained.