Illuminati Press
Top trending news in digital world is now here

Android users are facing risk from these “unfixed” bugs, here’s how

0


Several smartphone makers including Google, Samsung, Xiaomi, Oppo and others manufacture devices that come powered by Arm’s Mali GPU drivers. These devices are reportedly carrying a set of five exploitable vulnerabilities. The chip maker has already patched the bug on its end, however, millions of Android devices are still exposed to attacks. According to a report by Google‘s Project Zero team, the affected phone makers are yet to roll out an update that will fix the issue at the users’ end.
How are millions of Android devices at risk
Google’s security analysts have highlighted the “patch gap” that is affecting the entire supply chain in the Android ecosystem. The report published by the Project Zero team claims that they discovered the vulnerabilities earlier in June and were fixed by Arm in July.
These security flaws will allow attackers can bypass the permission model in Android OS to gain full access to the system and steal user data. However, these vulnerabilities are present only in devices that come with Mali graphics units.

For example, Samsung devices that come powered by its proprietary Exynos chipsets (except the Galaxy S22 series) are currently affected by these security flaws. There are some markets where Samsung’s Galaxy S22 series smartphones come with Exynos processors, but the company used an Xclipse 920 graphics chip instead of a Mali GPU driver for its latest flagship lineup.
Amongst other chipmakers, MediaTek and Huawei also use Arm’s Mali GPU drivers.
How the manufacturers reacted to the risk
The report also notes that smartphone makers are yet to roll out an update on the users’ end that will fix their devices. The exploit was initially discovered by researchers in the Pixel 6 smartphone and even Google hasn’t fixed the issue despite the Project Zero warning, the report adds.

As it takes months for firmware security updates to reach all the affected devices, these vulnerabilities can be a concern. So, device makers need to test the fixes and implement them on their products as soon as possible to ensure users’ devices are safe.



Source link

Leave A Reply

Your email address will not be published.