Google Finds Zero-Day Android Exploit Affecting Pixel, Samsung, and Mo

Another day, another security exploit report from Google’s Project Zero team. This time, the vulnerability is in the company’s own Android operating system, which will no doubt please Apple. The exploit affects a handful of phones from Google, Samsung, Huawei, and others. Google also notes there is evidence the exploit is already active in the wild.

The vulnerability is part of the Android system kernel and can allow an attacker to gain root access on a phone. That means they could access data, modify system apps, track your location, and more. Strangely, Google identified this vulnerability in late 2017 and added a patch to the Android code. However, the patch was not carried over into newer versions of Android (8.0 and later) on some phones.

Currently, Google has identified several phones that are exploitable via this kernel flaw, including but not limited to Google’s own Pixel 2, the Huawei P20, Xiaomi Redmi Note 5, LG’s Oreo phones, and the Samsung Galaxy S8 through S9 family. Because the exploit exists at a very low level in the system, it requires almost no per-device customization.

Google says Israeli security firm NSO Group has been actively using the exploit, a claim the company denies. NSO may simply be denying that it’s engaged in any hacks itself, and that may be true — it could simply be helping others to do it. NSO Group has long been under fire for making mobile phone hacking tools, which it sells to oppressive governments that use them to spy on activists and protesters.

Google’s proof of concept from the public bug tracker.

A zero-day vulnerability is never a good thing, but this one could have been much worse. The only way to compromise a device with this vulnerability is by installing an app. It’s not a remote code execution flaw, so Google has rated the vulnerability as “high” instead of “severe.” Google’s Play Protect system knows about this exploit, so it should never show up in any sketchy Play Store apps. Thus, the only way to infect a device is to trick someone into sideloading an APK via the browser or some other app. Users will have to jump through some hoops to make that happen thanks to Android’s current security model.

Google’s latest October system patches squash this bug once and for all. Google devices like the Pixel 2 will probably get that update in the coming days. However, other vulnerable phones will have to wait for OEMs to create new customized builds of the OS. In the meantime, be careful what you install from shady corners of the internet.
