Google publishes interim kernel patch for critical vulnerability in Android

Mar

20

2016

Google on Friday issued an interim security update for its Android operating system to seal a leak. The company did not wait for the monthly patch round because the vulnerability as “critical” is designated by the company.

The vulnerability gets the name CVE-2015-1805 with. Devices with Linux kernel version 3.4, 3:10 and 3:14 are vulnerable. Version 3.18 and later of the kernel are already out of range. Although this vulnerability has long been known to Google, the company has recently of security Zimperium evidence accumulated that the leak is also pretty easy to exploit. The exploits a malicious application can permanently elevated privileges, or root access verkijgen. That could only be resolved by the operating system to flash again. Google reported there in that it has not observed that the exploit is actually being used in the wild.

Android logo However, the wait is not necessarily on the different manufacturers to release the kernel update for their devices. Google itself has the malware scanner from the Play Store updated apps that exploit the vulnerability to filter out. Moreover, the Verify Apps feature of Android is updated. This detects the apps in question when they are installed outside the Play Store. Thus the risk in this case already seems much smaller. Nexus devices will be updated within a few days, Google promises. are immediately AOSP patches available to manufacturers of non-Nexus devices.

Viewing:-162

In: Technology & Gadgets Asked By: [15207 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »