Older apps could be putting your smartphone at risk — here’s why

a photo of the iPhone 13 Pro
(Image credit: Future)

If your smartphone is full of apps you no longer use, you should probably consider deleting them since they could be putting your security at risk.

Just like how a car is more likely to break down if it hasn’t had a tune-up in a while, older apps are more likely to have security flaws that can be exploited by hackers. According to a new report from the application security company Veracode, apps that have been out for a while have a higher chance of containing security flaws.

In fact, the firm’s researchers found that 32% of apps have flaws during their first scan — but by the time they’ve been in production for five years, almost 70% contain at least one security flaw. Following a ‘honeymoon period’ after release, 80% of apps don’t take on any new flaws for the first 1.5 years. However, the number of new security flaws in apps begins to climb by 35% once they reach the five-year mark.

Although reminders to update your apps may be annoying, you absolutely want to keep them up-to-date, and you should install any updates when they become available to avoid falling victim to cyberattacks exploiting any security flaws they may have.

Open source software has the same problem

While older apps could be putting your security at risk, Veracode also found that the same problem exists with open source software.

The firm’s research team examined 30,000 open-source repositories on GitHub to discover that 10% of them hadn’t had a commit or change to their source code in almost six years. During that time security flaws could have been discovered, putting users of apps that rely on these repositories to function at risk.

Open source software like LibreOffice, VLC Media Player and GIMP can be a great alternative to paid software for students and those on a budget but just like with your apps, you need to make sure you’re using the latest version to stay safe. When in doubt you may be better off going with paid software instead, as the companies behind these programs have the budgets to keep them regularly updated.

How to audit the apps on your smartphone and why you should

An iPad showing several apps on a homescreen, with a finger poised to select one

(Image credit: Shutterstock)

Your smartphone holds a wealth of personal and financial information about you and other members of your household. This is why you need to be careful when it comes to the apps you install — and ensure you keep them updated.

Sometimes we download an app, use it for a while and then completely forget it’s installed on our smartphones or tablets. For this reason, you want to go through the list of apps installed on your devices periodically — at least once a year — and delete any you’re no longer using. Not only will this free up space on your smartphone, it will also help improve your security.

When it comes to finding out whether or not an app has been updated recently, the easiest way to do this is by heading to its listing page on the App Store or Google Play Store. On the App Store, you can click on Version History to see what the latest version is, when it was released and what’s been changed. On the Play Store, this can be done by clicking on About this app. Here you’ll find the current version and when the app was last updated.

While Veracode’s research suggests that most apps are free of security flaws for their first few years, they tend to crop up after the five-year mark — which means you should absolutely stop using any app that hasn’t been updated in that time. 

If you’re worried about the apps installed on your smartphone, you may also want to consider using a web browser to access their websites instead, though some features might not be available. Also, investing in one of the best Android antivirus apps can help prevent security flaws from being used to install malware on your Android smartphone.

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.