No vulnerability is a good thing, but a remote execution flaw a really bad thing.
Remote execution means the attacker can cause the attacked device to run any code the attacker provides.
For android devices - phones, tablets, streaming devices, and others being able to capture and send files to the attackers, turn on camera and/or microphone without the owner's awareness, even take complete control of the device are possible. Once an attack is constructed it can and often is used by any/everyone.
Most android devices use MediaTek or Qualcomm chips to decode audio files. A recently discovered flaw allows a remote execution flaw to be exploited. Using an android device for financial applications could thus be dangerous.
Some android device manufacturers have recently updated their platforms to address this flaw.
Android version 12 is the recent version. Older devices may not be able to update to android version 12.
To check your android version perform these steps (or similar)
Open Settings
Choose System > System update
This flaw is making several news outlets so attacks are on the increase.
The most common attack used: tricking the user to play an audio file with the exploit.
No comments:
Post a Comment