Following the identification of a fresh 0-day vulnerability in Android, owners of some Samsung, Google, and other OEM handsets might wish to exercise a little extra caution while installing apps. That comes after a recent reports outlining the problem and a possible timetable for a fix. For the avoidance of doubt, a 0-day vulnerability is one that is unknown but has not yet been patched.
Since the new vulnerability won’t affect every device, it’s hardly the worst to have been discovered recently. Like at least a few more recent bugs. Additionally, it is unable to utilize some of the worst attack vectors. Because of this specific vulnerability, nothing can be remotely installed on user devices.
Installing and running it instead necessitates direct user participation. Users could have to download harmful programs, for example. However, once users grant access to such an app, there is a very high risk of injury. The flaw does allow for root capability, SELinux control, and arbitrary read and write access for attackers.
Advertisement WHO ELSE IS AFFECTED BY THE NEW SAMSUNG ANDAMP; GOOGLE 0-DAY VULNERABILITY? As was already mentioned, the new vulnerability affects several of the more well-known smartphone brands, like Samsung and Google. According to the researcher who found the vulnerability, it is directly related to the Linux Kernel. Therefore, not just phones from those OEMs will be impacted. Numerous other people might also be directly impacted.
Due to this vulnerability, which affects Linux Kernel 5.10, the majority of individuals affected will have more recent devices. Including some of the most well-liked cell phones on the market. as the Google Pixel 6 series and the Samsung Galaxy S22 series.
Users who are worried can want to verify the version they are using right now. OEMs typically include the data in the Settings app. It is frequently located under the About Phone section, after which the Software option is selected. Although some phones, like Pixel models, require you to choose the Android version in order to view the details.
Advertisement Google was also made aware of the issue by the researcher. Therefore, a fix ought to appear in a subsequent monthly patch. Unfortunately, the July patch has already been released, so August is probably when it will appear.