Netease Technology News March 4 news, according to foreign media reports, mobile phone developer forum XDA today revealed that Google has fixed a serious security vulnerability related to Android devices, which involved millions of Android devices using MediaTek chipsets.
It is reported that the vulnerability has been public for several months and is a backdoor in the CPU firmware. The vulnerability allows a malicious program to gain access to Android devices using MediaTek’s 64-bit chip through a simple script, and therefore affects hundreds of smartphones, tablets and smart set-top boxes, XDA said.
Google mentioned the patch (CVE-2020-0069) in its Android security advisory in March, after details about the vulnerability had been circulating online for months. Notably, hackers can still exploit the vulnerability on dozens of Android devices.
A hacker exploiting the vulnerability can cause damage in a number of ways, by installing an app and then granting it whatever permissions it needs to hack a device. Hackers can also use the root privileges in the vulnerability to launch ransomware, potentially rendering the entire device unusable.
MediaTek has provided a patch to fix this vulnerability since May 2019, but the company cannot force OEMs to fix devices. And Google can fix the device with a license agreement and corresponding terms, XDA explained. According to XDA, Google was aware of the vulnerability months before it released a patch.
The Links: MG30G2DL1 CM150E3U-24H IGBT