Google discovered a dangerous zero day vulnerability on many Samsung Galaxy, Huawei, Xiaomi and even Pixel phones
Recently, a zero day flaw in Android was discovered by security researchers in the Google Project Zero team. This vulnerability affects many major phone companies including Huawei P20, Pixel 1 and Pixel 2, Xiaomi, Samsung with Galaxy S7, S8 and S9 . and most likely exploited by hackers.
According to the Android development team, if an attacker causes the target to install malicious apps or exploit them through a successful web browser, he will take complete control of the device.
Google's threat analysis team said NSO Group, an Israeli-based spyware company, may have sold or used the flaw.
This vulnerability has been exploited in practice, so the Android team only has 7 days to fix the bug before going public. The Google Project Zero team first revealed the bug to the Android team on September 27 and was made public on October 4.
Below is a list of devices affected by this vulnerability. However, the Project Zero team thinks that this list may still be incomplete.
Pixel 1 Huawei P20 Samsung Galaxy S7 Oppo A3 Pixel 1 XL Xiaomi Redmi 5A Samsung Galaxy S8 Moto Z3 Pixel 2 Xiaomi Redmi Note 5 Samsung Galaxy S9 Android Oreo smartphones of LG Pixel 2 XL Xiaomi A1Currently, the Android team has confirmed this vulnerability and considers it a serious problem at a high level. Android partners have been announced, and a patch is available for Android Common Kernel. This patch will be available in the October update for Pixel 1 and 2 devices, and Pixel 3 and 3A devices are not affected.
- Sim vulnerabilities threaten more than 1 billion phones globally
You should read it
- GitLab patches critical vulnerability that allows hackers to take control of accounts
- New privilege escalation vulnerability called 'Dirty Pipe' is threatening all Linux distros
- Google announced a serious vulnerability in the macOS kernel
- Google warns of a vulnerability that allows Android smartphones to be attacked with just a phone number
- Google Project Zero reveals a serious privilege escalation vulnerability in Windows
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterprises
- Zalo PC has a serious RCE error, you should be careful when receiving attachments
- How do I know if an application is using the phone's microphone?
- Google has just patched a critical Gmail vulnerability, allowing hackers to send fake emails
- The NSA issued an urgent warning about a critical vulnerability appearing in Windows servers
- The researcher released code that exploits the iOS Kernel vulnerability
Maybe you are interested
Cybercriminals are using Microsoft Teams calls to commit fraud
Ninja Team Code: Ninja Village 3D latest and how to redeem code
Black Rose Team DTCL Season 13
How to play the Recycled Team in Truth Arena season 13
Why buy Asus ROG Ally instead of Steam Deck OLED?
Instructions for installing and registering a Steam account on your computer