Even mobile security software sometimes falls prey to vulnerabilities.
VMware this week issued a security advisory regarding vulnerabilities in its AirWatch Agent and Inbox apps for Google Android.
Agent, the app for enrolling devices in AirWatch, detects rooted devices so IT can prevent them from having unrestricted access to corporate networks and data. A flaw in this feature, however, allows rooted devices to bypass detection.
AirWatch’s containerized email app, Inbox, also has a potentially major security flaw. Rooted Android devices can decrypt any local data the app accesses, which could let unauthorized users access confidential data.
“VMware has a pretty solid reputation, so for these flaws to get out is a little surprising,” said Jack Narcotta, analyst at Technology Business Research Inc., in Hampton, N.H.
VMware responds to Android security flaws
VMware did not say how widespread the AirWatch security vulnerabilities are or for how long they have existed. The company notified customers and worked to resolve the issues in the AirWatch Android apps as soon as it became aware, a spokesperson said.
The Agent app vulnerability could leave an organization open to a denial-of-service attack, malware or a Trojan horse, Narcotta said.
“This could be very dangerous,” he said.
To resolve this issue, VMware urged IT departments to upgrade their Android users’ Agent apps to version 7.0.
To remedy the Inbox app problem, IT should push the version 2.12 update to users and update to AirWatch Console 9.0 Feature Pack 1. The updated management console lets IT enable PIN-based encryption.