Published: Tue, October 08, 2019
Electronics | By Kelly Massey

Google now working on Game Device Certification for mobile gaming

Google now working on Game Device Certification for mobile gaming

One of the most important aspects of the new operating system is enhanced security and improved user control over ... This patch, like the ones before it, contains all the general security-related fixes for Android itself and we see updates for the Media Framework, several System-level patches, a high priority kernel patch, and contributions from Qualcomm that directly affect phones using its hardware. The manufacturer will only be allowed to issue security patches after this point (if it doesn't adopt Android 10 or 11). The latest thing that must be fixed is "zero-day"- an unpatched vulnerability in Android that is now attacking in the real world.

"The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device.If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox", Maddie Stone, Google's project zero researcher mentioned in a post.

The vulnerability was apparently patched in December 2017 in the Linux Kernel 4.14 LTS release but without a tracking CVE. Those were the only fixed versions but newer ones were discovered to be vulnerable still, unfortunately. Unfortunately, that doesn't necessarily mean all devices launched after that date will come with Android 10 pre-loaded.

Arcuri Refuses to Say If She Had Intimate Relations With Johnson
The government has since frozen a £100,000 grant to Ms Arcuri's company, Hacker House, pending a review. "I wish him well". Describing the kit as a " conversation starter ", she said she and Mr Johnson " always had a laugh about it ".

Popular recent devices such as Samsung Galaxy 7, 8, 9, Huawei P20, Xiaomi Redmi A1, 5A and Note 5, Motorola Z3, Oppo A3 and Oreal LG phones are believed to be vulnerable to exploit, based on Project Zero's source code review.

Google's Project Zero team has revealed information about a zero-day Android exploit, the active use of which is being attributed to the NSO group, though representatives from NSO have denied the use of the same to ArsTechnica. Those with vulnerable phones should make sure they download the patch as soon as it's available sometime in the next few days.

Like this: