Google Unveils 11 Security Issues in Samsung's S6
BANGALORE: Good news for the Android users as the Google’s Project Zero narrows down the threats that will haunt the security of operating System. Recently, the Google Project Zero has found 11 high-impact threats in the Samsung’s flagship Smartphone Galaxy S6 Edge, reports IE.
Google explains for executing this to check how easy or difficult it would be to find bugs and security vulnerabilities in Android phones produced by OEMs.
Google quoted “OEMs are an important area for Android security research, as they introduce additional (and possibly vulnerable) code into Android devices at all privilege levels, and they decide the frequency of the security updates that they provide for their devices to carriers.”
The Project Zero Initiative by Google works on breaching into Android devicesthat access the contacts, photos and messages remotely through an existing app or app installed from PlayStore without permissions and running the code across a device.
According to the search giant, one of the viruses that were found allowed a downloaded file to be written as system. The blogpost posted, “when the file is unzipped in downloads, the API does not verify the file path and it can be written in unexpected locations.” However, this issue has been taken care by both Samsung and Google now.
Another major flaw pointed by Google was the Samsung’s email client where it lacked the authentication of the user to control the access of an unprivileged app to access emails. The same app can also forward emails to various accounts though the issue has been fixed by the company now.
Google discovered few more bugs such as “Samsung-specific image processing.” The device drivers and media processing were the most vulnerable parts in the Samsung devices. The most threatening issue was a hacker can launch javascript embedded in mails also remains unpatched and these bugs are not taken care as of yet.
However, Samsung promises its users to fix the remaining issues as soon as possible along with the high-severity issues that were rectified with an OTA update within 90 days.
Read Also:
Indian Consumers Want Retailers to Embrace New-Age Technology