views
Android smartphone users face regularly threat from different security issues and this week it has a big problem that affects millions of users. Most of these smartphones run on Qualcomm and MediaTek chipsets, and because of a security vulnerability in an audio format, over 67 percent of Android smartphones were at a big risk of security attack.
Even though the vulnerability was fixed with a patch last year, millions of Android smartphone could have fallen prey to the problem, putting them in danger.
Also Read: Poco Watch Smartwatch to Launch on April 26: All Details
All these details have been given by researchers at Check Point Research this week. Its researchers discovered the problem via the Apple Lossless Audio Codec or ALAC that Apple opened up to non-Apple devices to offer lossless music quality for streaming.
Folks at Check Point Research mentioned that using the vulnerability in ALAC files, attackers could deliver a remote code execution (RCE) attack on the device. Such an attack is capable of letting the attacker access your smartphone’s camera, and even infect any media file with a malware that can leave the gates open for further intrusion.
Check Point Research added that the smartphones powered by MediaTek and Qualcomm somehow ported the ALAC vulnerability into their audio decoders. Both these chipset makers have a 48.1 per cent and 47 per cent market share, respectively, which makes them the ideal target for the attackers.
The security issue was discovered by Slava Makkaveev along with Netanel Ben Simon, who mentioned the threat was serious and easily allow the attackers to see everyone on the affected smartphone.
Also Read: Apple Watch Series 6 Gets Free Repair Service For Blank Screen Issue: Here’s How It Works
“The vulnerabilities were easily exploitable. A threat actor could have sent a song (media file) and when played by a potential victim, it could have injected code in the privileged media service. The threat actor could have seen what the mobile phone user sees on their phone."
WATCH VIDEO: Oppo Find X5 Pro Quick Look: The Power-packed Oppo Flagship Smartphone That India May Miss
To its credit, Check Point Research had sent all the details about the vulnerability to MediaTek and Qualcomm, who were quick to fix the problem with their respective security patch in December last year.
Read all the Latest Tech News here
Comments
0 comment