Wednesday, 4 November 2015

Critical Android Leak Fixes In Nexus Devices

During the patch cycle is from November Google poem multiple critical vulnerabilities in the Android version of Nexus devices, allowing an attacker to execute remote code on smartphones and tablets. Just as Microsoft is also Google each month with security updates.

It is in this case for updates to Nexus devices. The updates November fix seven vulnerabilities, two of which are labeled as critical. Through Critical vulnerabilities an attacker could execute code remotely on the device, for example by sending an MMS message, or if the user opens an e-mail or website. These are two leaks in the media server and libutils. The remaining five vulnerabilities, including one in the Stage Fright library, have a lesser impact.

According to Google, Android has several security measures that reduce the likelihood that Android leaks can be attacked successfully. For example, there are anti-exploit measures added to newer versions Android. In addition, search the Android Security Team via Verify Apps and SafetyNet to potentially harmful applications. Further send Google Hangouts, and Messenger will not automatically media to processes such as media server.

Updates are over-the-air (OTA) offered and are also available as firmware download. When the updates for the Android handsets from other manufacturers appear is unknown.

No comments:

Post a Comment