Some KitKat Devices With MediaTek Chipset Have Vulnerability Bug

Discussion in 'Android News' started by DroidModderX, Jan 29, 2016.

  1. DroidModderX

    DroidModderX Super Moderator
    Staff Member Premium Member

    Joined:
    Oct 6, 2011
    Messages:
    5,690
    Likes Received:
    2,115
    Trophy Points:
    478
    Ratings:
    +2,234
    [​IMG]

    Some Kit Kat devices with the MediaTek Chipset that run Kit Kat Android 4.4 have a vulnerability. This vulnerability allows for exploits that could gain root access on your phone. Once a hacker has access they could even brick your phone or spy on calls and texts. Security Expert "Jcase" tweeted about the bug earlier in the month, and MediaTek is finally confirming that the bug does exists. According to MeidaTek they instructed OEMs to disable debug before shipping phones. MediaTek has decided to not release a list of vulnerable devices. Just to be safe you will want to upgrade your device from Kit Kat as soon as an update is available. MediaTek says they will inform manufacturers whose phones have the vuln.

    via Gadgets360
     
  2. prime

    prime Kernel Developer
    Premium Member Developer

    Joined:
    Apr 26, 2010
    Messages:
    1,900
    Likes Received:
    55
    Trophy Points:
    128
    Location:
    Florida
    Ratings:
    +57
    Just patch the exploit, just lazy..
     
  3. Mustang02

    Mustang02 Diamond Member

    Joined:
    Aug 8, 2010
    Messages:
    7,624
    Likes Received:
    5,114
    Trophy Points:
    1,563
    Location:
    Ohio
    Ratings:
    +6,072
    Current Phone Model:
    Nexus 6P/5X
    Why? Kitkat is two versions outdated. Push devices to base lollipop.
     
  4. prime

    prime Kernel Developer
    Premium Member Developer

    Joined:
    Apr 26, 2010
    Messages:
    1,900
    Likes Received:
    55
    Trophy Points:
    128
    Location:
    Florida
    Ratings:
    +57
    It takes a few days to release a patch, it takes much longer to release an entire system update.
     
  5. Mustang02

    Mustang02 Diamond Member

    Joined:
    Aug 8, 2010
    Messages:
    7,624
    Likes Received:
    5,114
    Trophy Points:
    1,563
    Location:
    Ohio
    Ratings:
    +6,072
    Current Phone Model:
    Nexus 6P/5X
    True but that "Patch" will never happen. They hope for everyone to upgrade so they don't need to do it. That patch could also break more than it fixes. As a developer, this is all too common.

    M1KU6MO.jpg
     
    • Like Like x 1
  6. prime

    prime Kernel Developer
    Premium Member Developer

    Joined:
    Apr 26, 2010
    Messages:
    1,900
    Likes Received:
    55
    Trophy Points:
    128
    Location:
    Florida
    Ratings:
    +57
    I'm saying security exploits should be patched, you don't release an entire OS upgrade over a vulnerability.

    Not doing so and not releasing a list of affected devices is a poor decision.