Google Alert – This may be the most ‘dangerous’ threat of 2019 for Android smartphone users: Devices at risk, other details (Network Hacking)

Dec 10, 2019, 08:43 AM IST

1 / 14

This may be the most ‘dangerous’ threat of 2019 for Android smartphone users: Devices at risk, other details

Google’s latest security bulletin (for December 2019) has ‘bad news’ for Android smartphone users. The advisory names three security flaws, one of which Google has termed as “most severe”. For, it can permanently brick your Android smartphones. Here’s all you need to know about this ‘dangerous threat’ and more …

…Read more

2 / 14

The threat has been revealed in Google’s December 2019 Android Security Bulletin

…Read more

3 / 14

In all three vulnerabilities, one is ‘most severe’

As per Google’s security bulletin, there are three vulnerabilities. Of these, two are rated as critical. The third one — CVE-2019-2232– has been highlighted as”most severe”.

…Read more

4 / 14

According to official NIST National Vulnerability Database, the vulnerability in the “handleRun of TextLine.java” could create a “possible application crash.” This may lead to permanent denial of service as the attack can brick your smartphone

…Read more

5 / 14

What causes the attack

A maliciously-crafted message can cause a denial of services to your Android device.

…Read more

6 / 14

What is the solution: Installing Android’s December security update

Installing December security update as soon as it is available can help.

…Read more

7 / 14

What is the problem: Not all Android devices receive timely security updates, and many old ones don’t

The biggest problem here is that not all Android smartphones receive timely security updates. Many do, but not as quickly as they should. Many old ones don’t even receive security patches. Smartphone users with older Android devices and many with not-so-known brands may not get the patch at all.

…Read more

8 / 14

According to the description in Android Security Bulletin, “User interaction is not needed for exploitation.” The remote denial of service attack needs “no additional execution privileges,” adds the bulletin

…Read more

9 / 14

Devices affected: The security flaw affects devices running on Android 8.0, Android 8.1, Android 9 and Android 10

The vulnerability affects devices running on Android 8.0, Android 8.1, Android 9 and Android 10 versions.

…Read more

10 / 14

Good news: Patch is already out, but needs to be installed

The good news is that security patch for CVE-2019-2232 and the other security vulnerabilities has already been released to the Android Open Source Project (AOSP) repository.

…Read more

11 / 14

Bad news: When and if you get the update depends on your smartphone manufacturer

…Read more

12 / 14

Google devices are likely to be the first ones to get the update

Google released OTA updates on the same day as the monthly bulletin was released.

…Read more

13 / 14

How to check if security patch is available

Most likely you will get a notification about the OTA update. In case, you feel you may have missed the update, just check your security patch level. To do this, check: Settings > About phone > Android security patch level.

…Read more

14 / 14

On Android 9, this is: Settings —+ System —+ Advanced —+ System updates. Please note that most smartphone manufacturers add their own update, in addition to Google’s

…Read more

Article source at https://www.gadgetsnow.com/slideshows/this-may-be-the-most-dangerous-threat-of-2019-for-android-smartphone-users-devices-at-risk-other-details/photolist/72448877.cms