Researchers disclose high-severity zero-day vulnerability for Android OS

In News

A high-severity, zero-day security vulnerability for Android OS, which resides in the Video for Linux 2 (v4l2) driver has been disclosed. To exploit this vulnerability, attackers first needs to have local access to the device, following which they can take complete control of the device.

This vulnerability doesn’t help hackers break into users’ phones or attack remotely. Local access is required to inject malicious code, which can then be used to hijack the device.

Lance Jiang and Moony Li of TrendMicro Research first reported this vulnerability to Google in March. Google acknowledged it and promised a fix, but no ETA was provided.

After Google released its September 2019 Android Security Bulletin, which did not include a fix for this vulnerability, researchers from TrendMicro went public with the details.

With no security fix from Google, it is up to the Android users to keep their devices safe from attacks. It is highly recommended that users install applications only from verified sources.

Comments

You may also read!

Know the risks associated with sharing selfies

Tomas Foltyn, security writer at ESET discusses the risks that may come with sharing selfies, especially for kids and

Read More...

Etisalat to expand its cybersecurity portfolio with Help AG acquisition

With an eye to expand its stake in the cyber security market, UAE’s prime telecom operator, Etisalat has signed

Read More...

‘Ransomware is the attack of choice for modern day cyber criminals’

Oleg Bondarenko, Director, International Research at FireEye, speaks to Anita Joseph about ransomware attacks, the need for greater awareness

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu