There is a nasty vulnerability surfaced in the base of Android, which affects 66 percent of Android devices. Google is already aware and has shown to have a patch prepared for the problem.
There is a new vulnerability in the core Linux detected, causing 66 percent of all Android owners in trouble can come. The security Perception Point discovered the problem and indexed it as CVE-2016-0728. It turns out that this problem has existed for three years, since Linux (which is based on Android) launched version 3.8. The vulnerability allows people with local access to servers provide complete control over the root of Android. From Android 4.4 KitKat, apps can (parts of) the OS driving possible.
Fortunately, the company also indicates that there are no exploits of this vulnerability identified but until Google and Linux with a solution to the problem come, it still remains dangerous. Fortunately, Google has already shown to have prepped a solution to the problem. Here you can by Adrian Ludwig response, Android Security, read.
We have prepared a patch-which HAS BEEN released to open source and provided to partners today. This patch will be required on all devices with a security patch level of March 1st 2016 or greater.
In Addition, since this issue was released without prior notice to the Android Security Team, we are now investigating the claims made about the significance of this issue to the Android ecosystem. We believethat the number of Android devices affectedness is Significantly smaller than Initially Reported.
We believethat no Nexus devices are vulnerable to exploitation by 3rd party applications. Further, devices with Android 5.0 and above are protected, as the Android SELinux policy Prevents 3rd party applications from reaching the affectedness code. Also, many devices running Android 4.4 and Earlier do not containerization the vulnerable code Introduced in Linux kernel 3.8, ash Those newer kernel versions not common on older Android devices.
No comments:
Post a Comment