Author Topic: Report shows Android vulnerability allowed for PNG files to execute malware  (Read 10976 times)

0 Members and 1 Guest are viewing this topic.

mobify

  • Full Member
  • ***
  • Posts: 138
    • View Profile


With smartphones becoming a central hub for our lives and being used for financial transactions on a daily basis, hackers are always looking for ways to gain access to them so they can be used for nefarious purposes like stealing personal data, credit card numbers and so on. This is why it is so important for smartphones to receive regular security updates and for the operating systemís developers to find vulnerabilities and fix them as soon as possible.

Luckily, this was the case with a newly discovered potential point for exploits found by the Android security team. It was quite an unusual one too. According to the latest Android Security Bulletin, the vulnerability ďcould allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged processĒ.

Now letís break it down. PNG files, for those unfamiliar with the format, are used for images or photos and are commonly used because of the better way they handle compression compared to JPG files. This means they are easily shareable between users through various messaging apps. According to the report, it was possible for a proficient enough coder to attach code to the image file that would be executed once the user opens it. The code would also be able to access the main processes of the operating system and potentially change them in a way that is beneficial for the attacker.

If that sounds scary, itís because it is. Unauthorized root access to a device can cause all sorts of trouble for the user. Luckily, the issue was found before any reports of the vulnerability being put to practical use came in and a fix is being provided with the latest security patch for Android. Security updates dated 2019-02-05 or later include the fix for this vulnerability.

Of course, the security team isnít releasing any specific information about how the exploit could work, making sure owners of devices that receive security updates slower are as safe as possible.


 

 

WhatsApp rollout out picture-in-picture mode to all Android users

Started by droid

Replies: 0
Views: 12823
Last post December 17, 2018, 12:09:30 AM
by droid
Android phone used by Apple to promote Apple Music on Twitter

Started by appmonstars

Replies: 0
Views: 12265
Last post December 19, 2018, 12:55:55 PM
by appmonstars
Android 9 Pie users can now reset Adaptive Brightness without battery data loss

Started by mobify

Replies: 0
Views: 17668
Last post January 16, 2019, 06:48:53 AM
by mobify
India start probe over Google's misuse of Android's dominant position

Started by mobify

Replies: 0
Views: 9164
Last post May 13, 2019, 06:20:59 AM
by mobify
WhatsApp to bring stickers integration to Gboard keyboard app for Android

Started by gurutek

Replies: 0
Views: 15563
Last post January 21, 2019, 07:23:14 AM
by gurutek