Information Security News mailing list archives
Samsung patches 0-click vulnerability impacting all smartphones sold since 2014
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 7 May 2020 06:42:26 +0000 (UTC)
https://www.zdnet.com/article/samsung-patches-0-click-vulnerability-impacting-all-smartphones-sold-since-2014/ By Catalin Cimpanu Zero Day ZDNet May 6, 2020South Korean smartphone vendor Samsung released this week a security update to fix a critical vulnerability impacting all smartphones sold since 2014.
The security flaw resides in how the Android OS flavor running on Samsung devices handles the custom Qmage image format (.qmg), which Samsung smartphones started supporting on all devices released since late 2014.
Mateusz Jurczyk, a security researcher with Google's Project Zero bug-hunting team, discovered a way to exploit how Skia (the Android graphics library) handles Qmage images sent to a device.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 InfoSec News (May 06)