Zero-day Android found in Pixel, Samsung Huawei, and Xiaomi
Google revealed that he found evidence of one vulnerability Android used by hackers and attackers in the real world, a so-called “zero-day“.
The team Google’s Project Zero Security he discovered one zero-day in android which may have been activated for some time. The vulnerability was found in the kernel of the system operating Android and can be used by malicious people to gain access root of a device.
Yet the vulnerability had been identified in the December 2017 and promptly corrected with a patch in the moles android kernel version 3.18, 4.14, 4.4, and 4.9but now zero-day has been found active even in the latest versions of the operating system.
According to Google researchers, the attack affects cellphones with Android 8 up to the latest versions. Those tested by Google and officially listed are:
- Pixel 2
- Huawei P20
- Xiaomi Redmi 5A
- Xiaomi Redmi Note 5
- Xiaomi A1
- Oppo A3
- Moto Z3
- LG with Oreo
- Samsung S7, S8 and S9
Furthermore, Google speculates that the vulnerability, by not requiring changes or customizations of the device, could affect one more wide range of mobile phones. Of course, this cannot be officially confirmed until the test by researchers as was done for the devices listed above.
The zero-day was also confirmed by the Google’s Threat Analysis Group (TAG)the same team that had discovered ben days ago 14 zero-day in Apple’s iOS systemwhich also claims that the flaws of the two operating systems are unrelated and believes that Android is the work of the group NSOa note Israeli company known for selling exploit And surveillance tools.
In the past the NSO has been criticized for selling tools of hacking to oppressive regimes and, in the face of these criticisms, it announced that it will vigorously fight customers who abuse its tools for to spy innocent or opponents politicians.
A spokesperson for the NSO stated: “NSO has not sold and will never sell exploit or news about vulnerability, the latter has nothing to do with NSO; our work is focused on developing products designed to help authorized secret services and the police to save lives “.
There good news is that the current zero-day of Android it is not dangerous like those of the past. It’s not a RCE (remote code execution) which can be activated without user interaction. There are some conditions that must be met before the malicious can take advantage of this vulnerability.
The zero-day it’s a vulnerability in the safety of the operating system not expressly known to developer or to manufacturing company. When a hacker discovers this flaw in the code, he creates a program, called exploitwhich takes advantage of that weakness to log into the device and run operations that to a normal user are not allowed. At this point, it developer must immediately (zero days, hence the name) find a solution, create the patch and include it in a update user installable.
An operating system like Androidbeing a complex software to which they have put dozens and dozens of hands programmers during the years of his life, he necessarily contains undiscovered vulnerabilities that could become active at any moment.
To better understand why this happens, let’s use a old house as an analogy. At the time of its purchase, we do not know all defects which has because we were not present at its construction and furthermore, all the previous owners have contributed changes and extensions possibly worsening the list of defects.
For Android it’s the same thing: it was created in October 2003 from Andy Rubin, Rich Miner, Nick Sears and Chris Whitehas been acquired from Google on August 17, 2005 and with each new version i programmers they modified and expanded the code.
For further insights on zero-day that afflicts Androidin the following link, you will find the note of the group Google’s Project Zero: https://bugs.chromium.org/p/project-zero/issues/detail?id=1942