Vulnerability in PNG file can permit hackers to hack Android smartphones
Beware, whereas opening a harmless-looking image downloaded from the web, emails, social media apps, or messaging apps, because it may compromise your smartphone.
Google has found three new essential vulnerabilities that permit hackers to hack an Android smartphone just by looking at a PNG image. This bug has affected tens of millions of units that run on Android OS variations, starting from Nougat 7.Zero to its present Android 9.0 Pie.
The vulnerabilities, recognized as CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988, had been, nevertheless, patched in Android Open Source Project (ASOP) by Google as a part of their Android Security Updates for February 2019.
According to Google’s Android Security Bulletin, the vulnerability that permits “a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process,” is probably the most extreme vulnerability.
This signifies that if a hacker efficiently manages to deceive a person to open or obtain an image from any webpage, or obtained via an prompt messaging service, or as an attachment in an electronic mail, she or he can get entry to your smartphone.
Besides the three flaws, Google additionally included fixes for 42 vulnerabilities within the Android OS in whole in its 2019 February replace, of which 11 are thought of as essential, 30 excessive affect and one medium-gravity.
Google has stated that it has no stories of anybody exploiting the vulnerabilities listed in its February safety bulletin in opposition to actual customers or within the wild. The search large additionally stated that it has alerted its Android companions of all vulnerabilities a month earlier than publication, including that “source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours.”
Unfortunately, it’s unknown when third-party handset producers will roll out the safety updates on their telephones, as lots of them take weeks, if not months, to do roll them out. This means your Android handset continues to be not protected even after receiving the 2019 February replace. It is usually recommended that one ought to patch their Android smartphone as quickly as a safety replace obtainable from the handset producer.