- Joined
- Jan 30, 2012
- Messages
- 6,645
- Reaction score
- 3,511
- Location
- Thailand
- Current Phone Model
- iPhone 7 Plus JB
Google has released an Android update that closes two security holes that could pose a major threat if intruders found a way to exploit them. The first was only designed for "research purposes" and would only have been malicious if modified.
The other flaw was similarly to the well-known Stagefright exploit, letting an attacker send an altered JPEG image through Gmail or Google Talk to hijack your phone.
The issue,as Sentinel One researcher Tim Strazzere explained to Threatpost, is that it's both easy to find and capitalize on this vulnerability.
This bulletin has three security patch level strings to provide Android partners with the flexibility to move more quickly to fix a subset of vulnerabilities that are similar across all Android devices. See Common questions and answers for additional information:
- 2016-09-01: Partial security patch level string. This security patch level string indicates that all issues associated with 2016-09-01 (and all previous security patch level strings) are addressed.
- 2016-09-05: Partial security patch level string. This security patch level string indicates that all issues associated with 2016-09-01 and 2016-09-05 (and all previous security patch level strings) are addressed.
- 2016-09-06: Complete security patch level string, which addresses issues that were discovered after partners were notified of most issues in this bulletin. This security patch level string indicates that all issues associated with 2016-09-01, 2016-09-05, and 2016-09-06 (and all previous security patch level strings) are addressed.
- Supported Nexus devices received a single OTA update with the September 06, 2016 security patch level.
- All carriers have received updates as well.
Source: Google Android Security Bulletin
