Two Paths to a Compromised Android Device

Discovered by Unit 42, the Android Installer Hijacking vulnerability exploits a flaw in Android’s “PackageInstaller” system service, allowing attackers to silently gain unlimited permissions in compromised devices.