adUnits.push({
code: ‘Rpp_tecnologia_moviles_Nota_Interna1’,
mediaTypes: {
banner: {
sizes: (navigator.userAgent.match(/iPhone|android|iPod/i)) ? [[300, 250], [320, 460], [320, 480], [320, 50], [300, 100], [320, 100]] : [[300, 250], [320, 460], [320, 480], [320, 50], [300, 100], [320, 100], [635, 90]]
}
},
bids: [{
bidder: ‘appnexus’,
params: {
placementId: ‘14149971’
}
},{
bidder: ‘rubicon’,
params: {
accountId: ‘19264’,
siteId: ‘314342’,
zoneId: ‘1604128’
}
},{
bidder: ‘amx’,
params: {
tagId: ‘MTUybWVkaWEuY29t’
}
},{
bidder: ‘oftmedia’,
params: {
placementId: navigator.userAgent.match(/iPhone|android|iPod/i) ? ‘22617692’: ‘22617693’
}
}]
});
Android is often a headache for Google for various reasons, and security is one of them. The effort to streamline patch updates has paid off for years, but there are still issues on the beat. However, it is curious that Google found bug fixes within the cult brand: own pixel.
According to the latest post Project ZeroThe Pixel development team did not resolve a conflict in ARM GPU drivers, a loophole that allows an attacker to gain write permissions to Google phones and other signatures.
“An attacker running native code in the context of an application can gain full system access, bypassing the Android permissions model and gaining wide access to user data.” Jann Horn, researcher at Project Zero, says.
Qualcomm is safe, but not everything else
This affected ARM GPU spans three previous generations of architectures, focusing on brands such as Samsung’s Exynos versions, Google Tensor, and MediaTek. In this case, Qualcomm uses Adreno for the graphics part, so it stays safe from the rest.
From this point of view, this vulnerability affects millions of smartphones in the world. According to Engadget, Google noted that “The solution provided by Arm is currently being tested for Android and Pixel devices and will ship in the coming weeks. Android OEMs will need to install a hotfix to comply with future SPL requirements.”
ARM has been notified
Project Zero said it submitted this assessment to ARM between June and July 2022 in hopes of fixing the vulnerability, which was patched in August. However, during testing of the hardware, the researchers found that Google and other OEMs did not apply this solution to end-user phones with embedded Mali graphics.
“Just as users are encouraged to install patches as soon as possible after the release of a version containing security updates, the same applies to vendors and companies.” highlights Project Zero. “Perhaps minimizing ‘missing patches’ as a vendor in these scenarios is more important as end users (or other downstream vendors) block this action before they can get the security benefits of a patch.”
Source: RPP
I am Ben Stock, a passionate and experienced digital journalist working in the news industry. At the Buna Times, I write articles covering technology developments and related topics. I strive to provide reliable information that my readers can trust. My research skills are top-notch, as well as my ability to craft engaging stories on timely topics with clarity and accuracy.