Google has Fixed a Bug that Could be Used to Hack Millions of Devices Using an Image (You Need To Update)

A Bug has been fix by Google that could alow Hackers to hack million of device

Google has recently fixed a bug which could be used by hackers to hack million of phones and allow hackers to have control of your device and perform a remote code execution.

The image was not put in front of the user to act as a bait but the hackers were modifying images that get loaded in affected apps thus allowing attackers to brick the device or perform remote code execution.

Here is how it's done .

The exploit lies in the way some Android apps parse the Exif data of an image using the ExifInterface object. The user wouldn’t know their device has been compromised. Strazzere said that triggering the bug could be as simple as receiving an email or message. “Once that application attempts to parse the image (which was done automatically), the crash is triggered.”

As Strazzere told Forbes.“ Theoretically, someone could create a generic exploit inside an image to exploits lots of devices. However, due to my skill level, I had to specifically craft each one for the devices. Though once this is done, Gchat, Gmail, most other messengers or social media apps would likely allow this to trigger.”

The security patch update that Google released  will be available to devices running android 4.4.4KIKat and higher . So if you are using older devices I think it time to change and upgrade because the researchers went back to android 4.2 to see if the exploit works and unfortunately it worked but the older devices may not be patched.

An OTA update for all supported Nexus devices has been pushed on September 6, 2016. For non-nexus devices, a soon to be released update would be in the works.

So be on alert fox and focus of updating your device .

Did you find this article useful ? Tell us what you think by leaving a comment bellow.

Categories: 

Share This Story

Subscribe to RUUT.ug

Keep Up with Technology! Our news to your Email

About Author

A Technology enthusiast, developer and content maker that wants to keep you in the loop of that i keep an eye on. Let's Tech