Windows 10 News and info | Forum
February 22, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Thanks to a new vulnerability, a single file can comprise your Android device  (Read 7 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 29609


I Do Windows


WWW Email
« on: February 08, 2019, 02:04:33 PM »
ReplyReply

If you thought opening an image of a cute cat is harmless then you might be wrong as new vulnerability might allow hackers to lure you into opening a cute PNG file and comprise your device. The new vulnerability targets all the Android devices that have Android Nougat and above.

The vulnerability was disclosed by Google but the company confirms that they have already released a patch to the Android Open Source Project (AOSP) repository. As pointed out by ZDNet there is no way of knowing if your device has been hacked. Google hasnít released any technical details of the vulnerability but has confirmed that itís fixed.

Quote
The most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.


However, Android manufacturers delay the updates which means that there are still devices that havenít received the fix. Google has stated that they released the fix with the February 2019 patch so if you havenít got the patch yet, be careful and donít open PNG files from untrusted sources.

source
Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page February 09, 2019, 10:16:57 AM