Over 600 million smartphones Samsung Galaxy contain open vulnerability allows hackers to silently deploy malicious code to the device, to intercept messages and telephone calls.
Smartphone Samsung Galaxy contains a vulnerability that allows attackers to gain access to the sensors, GPS, cameras and microphones, quietly install malicious applications, interfere with other applications and the operating of smartphone intercept messages and listen to calls, access to photos and videos. This was at the Black Hat conference in London, said the expert in information security of the company NowSecure Ryan Welton (Ryan Welton).
A vulnerability in particular, is contained in annex keyboard Swift, allows you to type text, leave your finger on the screen. According to the expert, this application is pre-installed on more than 600 million smartphones Samsung. It can not be disabled or deleted.
The problem lies in the fact that Swift is present in the application rather weak authentication mechanism mounted keypads and updates received via the Internet in the ZIP-packages.
The company NowSecure gave information about the vulnerability of Samsung in December 2014 was assigned the number Vulnerability CVE-2015-2865. Also experts informed the company Google – the developer platform Android.
In the early 2015 Samsung has provided its partners-carriers patch to correct the problem. But, according to NowSecure, today in the American version of Galaxy S6 problem is still present. As of June 16, 2015 as the vulnerability is still contained in the Galaxy S5, Galaxy S4 and Galaxy S4 Mini, according NowSecure. Analysts doubt that the distribution of the patch through operators – fast and effective solution.
No comments:
Post a Comment