U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Are your Android devices updated? Researchers say maybe no

Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks. Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola. In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to […]

android devices patches

Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks.

Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola.

In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to cyber attacks.

“Phones now receive monthly security updates. Installing patches every month is an important first step, but is still insufficient unless all relevant patches are included in those updates. Our large study of Android phones finds that most Android vendors regularly forget to include some patches, leaving parts of the ecosystem exposed to the underlying risks.” reads the blog post published by the SRL team. 

The popular SRL experts Karsten Nohl and Jakob Lell presented the findings of the research at the Hack In The Box security conference in Amsterdam, the Netherlands.

The experts pointed out that that, even if Google is able to install some security patched over-the-air without vendor interaction, in some cases the fixes affect low-level faulty software components, such as drivers and system libraries, and this process needs the involvement of manufacturers.

The experts explained that some Android devices receive only half of the monthly updates, in some cases only from Google and none from the manufacturer.

The following table shows the average number of missing Critical and High severity patches before the claimed patch date (Samples – Few: 5-9; Many: 10-49; Lots: 50)
Experts clarified that some phones are included multiple times with different firmware releases.

android devices patches

Researchers at SRL explained that the only way to discover what is installed on your device is to take a look at what is included in the monthly fixes from Google verify that most important updates are present on the device.

The good news for users is that the failure in patch management is some cases is not enough for an attacker to remotely compromise an Android device and bypass defense mechanisms like Android’s sandbox and ASLR.

“Modern operating systems include several security barriers, for example, ASLR and sandboxing, all of which typically need to be breached to remotely hack a phone.” continues the researchers.

“Owing to this complexity, a few missing patches are usually not enough for a hacker to remotely compromise an Android device. Instead, multiple bugs need to be chained together for a successful hack.”

I suggest you read the research paper for more details.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Android devices, security patches)

[adrotate banner=”5″]

[adrotate banner=”13″]