Google Finds Zero-Day Android Exploit Affecting Pixel, Samsung, and Mo

Another day, another security exploit report from Google’s Project Zero team. This time, the vulnerability is in the company’s own Android operating system, which will no doubt please Apple. The exploit affects a handful of phones from Google, Samsung, Huawei, and others. Google also notes there is evidence the exploit is already active in the wild.

The vulnerability is part of the Android system kernel and can allow an attacker to gain root access on a phone. That means they could access data, modify system apps, track your location, and more. Strangely, Google identified this vulnerability in late 2017 and added a patch to the Android code. However, the patch was not carried over into newer versions of Android (8.0 and later) on some phones.

Currently, Google has identified several phones that are exploitable via this kernel flaw, including but not limited to Google’s own Pixel 2, the Huawei P20, Xiaomi Redmi Note 5, LG’s Oreo phones, and the Samsung Galaxy S8 through S9 family. Because the exploit exists at a very low level in the system, it requires almost no per-device customization.

Google says Israeli security firm NSO Group has been actively using the exploit, a claim the company denies. NSO may simply be denying that it’s engaged in any hacks itself, and that may be true — it could simply be helping others to do it. NSO Group has long been under fire for making mobile phone hacking tools, which it sells to oppressive governments that use them to spy on activists and protesters.

Google’s proof of concept from the public bug tracker.

A zero-day vulnerability is never a good thing, but this one could have been much worse. The only way to compromise a device with this vulnerability is by installing an app. It’s not a remote code execution flaw, so Google has rated the vulnerability as “high” instead of “severe.” Google’s Play Protect system knows about this exploit, so it should never show up in any sketchy Play Store apps. Thus, the only way to infect a device is to trick someone into sideloading an APK via the browser or some other app. Users will have to jump through some hoops to make that happen thanks to Android’s current security model.

Google’s latest October system patches squash this bug once and for all. Google devices like the Pixel 2 will probably get that update in the coming days. However, other vulnerable phones will have to wait for OEMs to create new customized builds of the OS. In the meantime, be careful what you install from shady corners of the internet.
