There are many deficiencies have been found in Android operating system running on Samsung Galaxy S6 Edge smartphones by researchers from Google’s Project Zero, Samsung said to fix most of the susceptiblities, the deficiencies let attacker to stir the privilege the device sets to its apps, and find the emails of victims among other threats. Susceptiblities has been reported to the company in late Juy and eight of them are for Vendor with its October maintenance release.
The company has guaranted to fix three security problems this month. Google’s Nexus has been tested to see how it compares against the security of an OEM device this thing was be held by project Zero the function of ding this is to understand which internet giant has started security updates which is realising monthly . “Google does not make many of Android devices , but it is made by external companies called Original Equipment Manufacturers or OEMs , it uses the Android Open-Source Project (AOSP) as the basic. OEMs has important rule for Android security research’s area.
Susceptiblities which are found by the researchers , searched for some types of problems which are part of kernel privilege escalation exploit chain, they are getting the access of remote to contacts, getting access of data from a gogle play application which doesnt need permission , messages and photos. “ there are three challenges which suppose to be done by each team , we think are suitable to the security boundaries of Android. Silvanovich said among the eleven high security problems , the most crucial is traversal vulnerability (CVE-2015-7888) in the Samsung WifiHs20UtilityService service which can be used to write arbitrary files on the system. The email client installed on Samsung Galaxy S6 Edge devices is also plagued by crucial defect (CVE-2015-7889), those things can make an attacker easily forward the email of users to a different account through a sereal of intents unprivieleged application. In a week project zero researchers has found about eleven potential security problem inside the device , specially around media processing and device drivers.
“It is promising that the highest severity issues were fixed and updated on-device in a reasonable time frame,” Ms Silvanovich added.
Category: Smartphone News