The team developing the Android system announces the establishment of a new security policy as well as a fix for a recently discovered vulnerability. This could boost more generally the whole deployment system, Google in mobile user via the manufacturer and mobile operators.
In recent weeks several important vulnerabilities have been discovered in the Android system. Google seems to react and announces new measures.
Two important vulnerabilities
At the end of last month, we reported that a researcher had found a particularly significant vulnerability within the Android system as it affects 95% of terminals in circulation. The firm explained Zimperium indeed a simple MMS corrupted Stagefright allowed to operate, the media playback tool integrated to Android, to remotely execute code and access to personal information.
A few days Later, the company Trend Micro stated that a video file that is placed within the content Matroska could simply crash the device and make it completely inoperative via an application designed to run from the start of the smartphone.
A fix for Stagefright
On the occasion of the BlackHat conference, Adrian Ludwig, security engineer at Google, explained that a fix for the family Nexus smartphone was released on Wednesday, which was also shared with Google’s partners.
According to the Business Insider magazine, Google also explained that the most popular Android devices will have the update sometime in the month, that is to say the Samsung Galaxy S6 and S6 Edge, the Galaxy S5, the Galaxy Note 4 and Note Edge, the HTC One M7, M8 One, the One M9, the LG G2, G3, and G4, the Sony Xperia Z2, Z3 Xperia, Xperia Z4 and Z3 Compact Xperia and all Android devices at One program.
In addition, Google announced that the Messenger application will be updated manually activated with videos to prevent viruses from spreading to his contacts. Also, Mr. Ludwig wants dramatize the situation and recalls that 90% of Android smartphones have the ASLR – the random distribution of the address space. – Complicating access to the phone memory for a hacker
Monthly updates for Nexus …
On its official blog, Google adds Nexus family will receive terminals patches regularly, every month and direct transfer (OTA), the first smartphones are updated the Nexus 4, Nexus 5, 6 Nexus, Nexus 7, Nexus 9, Nexus 10 and Nexus Player. Meanwhile, Google will publish the patch in the code of the AOSP, the Android Open Source Project
Google says. “ Nexus devices will continue to receive major updates for at least the next two years as well as the security patch for three years after they are made available on the market starting 18 months or if the sale was made via the Google Store . “
… and for the Samsung Galaxy
On its official blog, Samsung announces his side will also strengthen the security of its smartphones of the Galaxy family. The Korean automaker said it had accelerated its deployment device facing the Stagefright vulnerability and intends to strengthen its efforts more generally.
So every month the Samsung Galaxy receive new security updates. The company says it is in discussions with operators worldwide to implement this new approach.
Still, the acceleration of the process that could be generalized to other smartphone manufacturers concerns only updates critical updates and probably not new versions of the operating system. Builders, and operators, will always take the time to develop and test their software overlays …
No comments:
Post a Comment