Experts have found major security flaws in chips being used in nearly 900 million Android smartphones globally that could give cyber criminals complete access to the data.
According to them, the bugs were uncovered at the software running on chipsets made by US firm Qualcomm, BBC reported on Monday.
Qualcomm processors are found in about 900 million Android phones, Check Point said, adding that there is no evidence of the vulnerabilities currently being used in attacks by cyber thieves.
“I am pretty sure you will see these vulnerabilities being used in the next three to four months,” Michael Shaulov, head of mobility product management at Checkpoint, was quoted as saying.
The flaws, which were found in software that handles graphics and in code that controls communication between different processes running inside a phone, were revealed after six months of work to reverse engineer Qualcomm’s code.
The attackers can exploit the bugs to gradually take control over a device and gain access to data. “It is always a race as to who finds the bug first, whether it is the good guys or the bad,” Shaulov added.
According to the report, Check Point handed information about the bugs and proof of concept code to Qualcomm earlier this year.
In response, Qualcomm is believed to have created patches for the bugs and started to use the fixed versions in its factories.
As a security measure, Android owners should download apps only from the official Google Play store.
Android bug fear in 900m phones
Android bug fear in 900m phones
Apple to update EU browser options, make more apps deletable
- iPhone maker came under pressure from regulators to make changes after the EU’s sweeping Digital Markets Act took effect on March 7
- Apple users will be able to select a default browser directly from the choice screen after going through a mandatory list of options
STOCKHOLM: Apple will change how users choose browser options in the European Union, add a dedicated section for changing default apps, and make more apps deletable, the company said on Thursday.
The iPhone maker came under pressure from regulators to make changes after the EU’s sweeping Digital Markets Act took effect on March 7, forcing big tech companies to offer mobile users the ability to select from a list of available web browsers on a “choice screen.”
The new rules require mobile software makers to show the choice screen where users can select a browser, search engine and virtual assistant as they set up their phones, which earlier came with preferred options from Apple and Google.
In an update later this year, Apple users will be able to select a default browser directly from the choice screen after going through a mandatory list of options.
A randomly ordered list of 12 browsers per EU country will be shown to the user with short descriptions, and the chosen one will be automatically downloaded, Apple said. The choice screen will also be available on iPads through an update later this year.
Apple released a previous update in response to the new rules in March, but browser companies criticized the design of its choice screen, and the Commission opened an investigation on March 25 saying it suspected that the measures fell short of effective compliance.
The company said it has been in dialogue with the European Commission and believes the new changes will address regulators’ concerns.
It also plans to introduce a dedicated area for default apps where a user will be able to set defaults for messaging, phone calls, spam filters, password managers and keyboards.
Users will also be able to delete certain Apple-made apps such as App Store, Messages, Camera, Photos and Safari. Only Settings and Phone apps would not be deletable.
