

First Malicious Use of 'Master Key' Android Vulnerability Discovered - petrel
http://www.symantec.com/connect/blogs/first-malicious-use-master-key-android-vulnerability-discovered

======
gcb0
Useless self marketing report.

The bug is useless unless you target a specific carrier deployed app with the
right permissions. No mention what allowed the exploit to happen. this is more
important to know than that there are exploits in the wild.

And the fact that Google should just be checking for the existence of one
single file on the packages and it still missed it and allowed (a cloned one
no less) app to show in the market is inexcusable.

