The rooting exploits the weaknesses that are discovered in Android to unlock the systems and give users full access, without the normal controls. Usually this is done in a conscious and controlled manner, being carried out by users.
But Google has now warn of a new flaw that was discovered and that allows an application to change the Android permanently, not always with the best intentions.
This failure Android was discovered by C0RE Team and the Zimperium, the same as before had brought the world Stagefright.
it is a problem that began to affect the Linux world and that Google understood that not affect your operating system. But the truth is that this problem can even be exploited in Android and in fact is already being.
This bug has is present in the Android kernel, which is shared with Linux and allows them to be circumvented Android’s safety rules, permanently and expose the phone.
the reaction of Google
We are taking this issue so very serious. In addition to the issued security alert, the company is already working closely with the community that develops the AOSP for the problem to be remedied.
In addition to Google is preparing to launch in the coming days one security update. OEM partners also received this security patch to send them to their equipment.
The biggest problem is that the flaw is already being exploited and there are already several applications detected that are using. In this case limited to make root the Nexus 5 and 6, but may soon be used for other purposes without users have notion that committing immediately terminals.
What measures are being taken to protect Android?
Google has removed the Play store this application, but it can be easily obtained in other applications stores. Even using its applications prohibition policy in the Play Store, as will root and also the active verification of malicious applications, unlikely Google will be able to control this problem.
The solution should arrive within days in monthly security updates that Google releases for its Nexus devices and other manufacturers should follow the same path.
Still, thanks to the fragmentation of Android, many will be the equipment that will not have access these updates and will continue exposed to the problem.
No comments:
Post a Comment