Android gets a lot of flak for security, but most of the time errors can be traced back to changes that were made to the open-source platform. This week, a security vulnerability in every Android phone Samsung has sold since 2014 was patched after being exposed by Google’s Project Zero.
Project Zero is a team within Google that focuses on finding major vulnerabilities in various platforms, and recently, they discovered exactly that with Samsung. On every Android phone Samsung has sold since 2014, a security vulnerability was found that could be exploited, with no user interaction or notification, to deliver an attacker’s code to the system.
How does this work? The attack goes after Android’s graphics library, Skia, using .qmg files. Samsung customized the way that its Android smartphones handle this image format specifically, in turn leaving this vulnerability open.
By sending MMS messages to a Samsung device using the Samsung Messages app, Qmage files could exploit Skia and bypass Android’s Address Space Layout Randomization protection. This attack takes multiple MMS messages since it takes time for the file to “guess” where the Skia library is located in memory. Once it is found, though, a final message can execute the attacker’s code.
The process generally takes around 100 minutes and between 50 and 300 messages to complete.
Samsung has already fixed this issue for many users, too. The May 2020 security patch that is already rolling out fixes the problem for any affected Galaxy smartphone. The Galaxy S20 and Galaxy S10 series, for example, have already been patched, with more devices to follow. To reiterate, the vulnerability does not affect other Android smartphones.
Author: Ben Schoon.
Source: 9TO5Google