A couple of days ago, WikiLeaks put out a massive number of documents, in the so-called Vault7 leak, claiming they’re taken from inside the CIA. These detail the agency’s capability to hack and snoop on our devices, so naturally, companies like Google, Microsoft and Apple have a vested interest in checking such claims.
While Microsoft only said it was investigating the documents, Apple was the first company to come out and publicly comment on the alleged iOS vulnerabilities detailed in the leak. The iPhone-maker said that “many” of the exploits there had already been patched and it was looking at the rest.
Given that Chrome and Android were also top targets for exploits, Google’s initial silence on the issue was worrying. But the company has now put out a statement, through its Director of Information Security and Privacy, Heather Adkins, who said:
As we’ve reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections. We've always made security a top priority and we continue to invest in our defenses.
The leaked documents stretch all the way back to 2013 so it’s no wonder that many of the security vulnerabilities have been patched since then. However, many Android users are still missing critical security updates and only a tiny 2.8% of them are using the latest major version of the operating system, Android 7.x Nougat. This means that hundreds of millions of users may be less protected than they think, and Google likely has its work cut out for it to follow up on all the leads.