Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Vulnerabilities in Android allow malware to read device information even without permission
A vulnerability in Android allows poisoned applications to pass the request to allow the right to read device information, thereby 'peeking out' more information than allowed, including the ability to help it track equipment location.
Discovered by Nightwatch Cybersecurity, this vulnerability affects every version of Andorid, except the newly released OS is Android 9 or Android Pie.The vulnerability code is CVE-2018-9489 and the possibility is not fixed.
'The vendor will fix the bug on Android P / 9, because it will have to change API a lot, so there are no plans to fix it on previous Android versions.Users should upgrade to Android 9 / P or newer versions, "Nightwatch Cybersecurity said.
With this vulnerability, malicious applications can bypass the level of user information access, read device information, from WiFi network names, IP addresses to DNS server information, MAC address.Researchers warn that it will open the door for malicious behaviors such as tracking device location.
Vulnerabilities in Android allow malware to read device information even without permission Picture 1
Users only have to update Android Pie if they want to patch this security hole
'The MAC address is unchanged, tied to the device, so it can be used to identify and monitor Android devices even when using a random MAC address.Network name and / or BSSID can be used to locate users by searching on databases such as WiGLE or SkyHook.Other network information can also be used to find out, attack WiFi networks'.
This security vulnerability has been reported to Google since March this year, but has only been overcome by the tech giant on the latest Android version.So the only way to secure your device is to update it to Android Pie.However, this is not easy because most OEMs are still planning to update the OS, maybe a few months away.
See more:
- Phones from 11 manufacturers may be attacked by hidden AT commands
- Fortnite for Android has a security vulnerability
- Millions of Android devices stick with security holes in firmware, hackers can exploit to lock users' machines
Micah SotoYou should read it
- IBM developed a new technology to patch security holes
- A serious security error appeared on Android that allowed hackers to control smartphones through a photo
- Fortnite for Android has a security vulnerability
- Android apps used by the US military in combat have security holes
- Find security holes on every site with Nikto
- Security vulnerabilities - basic insights
- 9 misconceptions about security and how to resolve
- The malicious video file causes users to lose control of the device 'storming' in the Android world
- The NSA identifies 4 'critical' security vulnerabilities of cloud systems
- 5 common errors in managing security vulnerabilities
- How to scan websites for potential security vulnerabilities with Vega on Kali Linux
- Settings that help improve the security of your Android device
Maybe you are interested
Attack the network
Already have Samsung Internet 9.0 with many upgrade points, invite you to download and experience- Facebook was attacked, more than 50 million user accounts are at risk of being leaked
- There is a new zero-day vulnerability in Windows
- If you do division by 0 on a computer, what will happen?
- China has at least 10 PoP presence points to hijack the network architecture
- iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1
Already have Samsung Internet 9.0 with many upgrade points, invite you to download and experience
Facebook was attacked, more than 50 million user accounts are at risk of being leaked
There is a new zero-day vulnerability in Windows
If you do division by 0 on a computer, what will happen?
China has at least 10 PoP presence points to hijack the network architecture
iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1