Welcome to WebmasterWorld Guest from 3.227.249.234

Forum Moderators: phranque

Android flaw being exploited NOW

     
8:29 am on Oct 5, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10457
votes: 1091


Google is warning owners of some popular Android devices to keep a close eye on their gear following the release of an exploit for an unpatched flaw.

A post from the Chocolate Factory's in-house Project Zero crew outlines the flaw, a use-after-free bug in the Android Binder driver that could be exploited by a local app to elevate privileges.

[theregister.co.uk...]
I am probably the only webmaster who does not own a cell phone, but so many I know do ... there is a patch, but Pixel, S-Series, Moto Z3 remain among the most vulnerable gear. Final comment?:

As the vulnerability must be exploited locally, users and admins will go a long way towards protecting themselves by making sure they do not download any apps from untrusted sources and keep their systems updated to block against other flaws that could be chained with this bug to create remote attacks.