ANDROID ALERT: Huge Malware Threat Discovered (And Google Doesn’t Have A Fix)


Google has allegedly known about a major security flaw with its Android operating systems for months, according to TrendMicro’s Zero Day Intiative – but there’s still no update to fix it. To make sure your device is safe, here’s what you should do.

[referenced url=”https://www.lifehacker.com.au/2019/09/the-10-best-features-in-android-10-according-to-google/” thumb=”https://www.lifehacker.com.au/wp-content/uploads/sites/4/2019/09/soundamplifier-410×231.jpg” title=”The 10 Best Features In Android 10 (According To Google)” excerpt=”Android 10 has finally launched for Pixel owners around the world with other Android users getting their turn later this year. To help you sift through all the changes, here are the top ten highlights, according to its own maker, Google.”]

According to TrendMicro researchers the newly discovered flaw allows an attacker, through an app you might have installed, to escalate privileges, which could lead to completely overtaking your Android device. It can do this through the v4l2 driver, used for capturing videos.

“An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability,” the post read.

“The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this to escalate privileges in the context of the kernel.”

The vulnerability was first spotted and disclosed to Google by two TrendMicro Research workers, Lance Jiang and Moony Li, in March 2019. Google initially acknowledged the flaw back in March and requested more information. By late June, Google told the TrendMicro researchers it would fix the flaw but didn’t provide a timeline. On September 4, nearly six months later, TrendMicro publicly released the issue and outlined there was still no patch.

So, how do I protect my Android device?

While Google is yet to provide an official fix for the vulnerability, there are some precautions you can take to avoid it happening to your device. Firstly, don’t download dodgy apps from the Play Store. While they might offer some sort of convenience in the short term, it’s these sorts of shady apps that can have lax security measures and might be susceptible to malware.

If you’re pretty sure all your apps are above-board, give yourself some peace of mind by checking whether they have access to video recording when they don’t really need to. To check, head to Settings, Apps and Notifications, App permissions and then Camera permissions. Here you’ll be able to go through the list of your apps to see which ones have access to your camera and if it’s something like a game or calculator app, it probably doesn’t need access to your camera.

[referenced url=”https://www.lifehacker.com.au/2019/09/how-does-ios-13-stack-up-to-android-q/” thumb=”https://i.kinja-img.com/gawker-media/image/upload/t_ku-large/eson324dxzqm6dlmookc.png” title=”How Does iOS 13 Stack Up To Android 10?” excerpt=”Forget Game of Thrones. The greatest war story ever told was one of two highly heralded platforms: iPhone versus Android. They’re in constant competition, and there’s never a shortage of shade, whether it’s Apple dropping a truth bomb about Android’s flip-a-switch privacy during its WWDC ’19 keynote, or Google showing off the prowess of its integrated AI smarts at its developer event.”]

[Via Tom’s Guide]

Comments


2 responses to “ANDROID ALERT: Huge Malware Threat Discovered (And Google Doesn’t Have A Fix)”

Leave a Reply