Follow

Android :android: Security Bulletin — February 2019:

source.android.com/security/bu

– most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process
– no reports of active customer exploitation or abuse of these newly reported issues

@infosechandbook

Looks like there are vulnerabilities in firmware included

Generally these are not available for devices that no longer have updates from their manufacturer, even with Android ROMs which report an up-to-date security patch level

Sometimes ROMs dont include these security patches even if they are released by the device manufacturer

Sign in to participate in the conversation
Mastodon

mastodon.at is a microblogging site that federates with most instances on the Fediverse.