Three months ago Google launched a routine investigation by his team Project Zero internal hackers, this time directed to find bugs (faults in programming or software design) Edge smartphone Samsung Galaxy S6.
The result was eleven security errors that were discovered in TouchWiz, the layer of customization of the manufacturer.
One of the vulnerabilities found in the email software Samsung could have allowed hackers Computer convey messages of the victim to his own.
Another failure can alter the configuration of the photo viewing application by sending a specially coded image.
The most serious
However, Google said the most worrying issue was the existence of a “directory traversal” in a wireless utility built into the phone, with which you can sort the application to access a file that should not be accessible and should not be accessible.
“If someone gave malicious software data, may change other files on the system and interfere with other functions, especially with security features, “said Steven Murdoch, a security researcher at University College London.
” Eventually could allow someone to take control of the entire phone, “he said.
11 security flaws discovered in the Samsung S6 Edge
“Android tries to have layers of protection, so even if there’s another through a” explained the expert, but fails “removes some very important layers of such protection”.
The bugs “considerably weakened the safety” of the operating system Google in the independent expert opinion.
“There’s definitely a strain between Google and mobile phone manufacturers because Google wants to protect its Android brand, and when it comes to safety, Android has been quite tarnished, “he said.
Quick action
The work of Project Zero by Google, consists in discovering previously unknown security flaws.
“In the course of a week, a total of eleven errors encountered a serious impact security, “the team wrote in his blog.
” Most of these problems were solved in the device that have examined through an OTA (technology that allows the operator to transmit data wirelessly to terminals and remote sites) over a period of 90 days.
“It is encouraging that more serious issues were resolved and updated on the device within a reasonable time,” he said.
Discover 11 security flaws in the Samsung S6 Edge
A statement from Samsung said it has solved 8 errors and the remaining three will be fixed through a security update later this month.
“Maintaining the trust of our customers is a priority,” the company said.
Samsung confirmed that it had addressed this particular issue in a security update released last month.
“Samsung encourages users to keep their software updated at all times and applications,” the spokesman added.
No comments:
Post a Comment