The Google Project Zero security research team has discovered a security flaw in Android that can affect cross-branded equipment. Among them Samsung, Huawei, Xiaomi and Google itself, according to the report.
This security hole can be exploited to gain full control of the device in question. You can be affected in two ways: by installing an app from untrusted sources or through Google Chrome. When the browser renders content on a site, infiltration is possible if the site contains malicious code.
Which phones are being affected?
Google includes a list of devices where this vulnerability was discovered. If you have one of these devices, exercise caution, make sure you have the latest security updates installed and if you install apps outside the Play Store, beware of the sources.
- Pixel XL
- Pixel 2
- Pixel 2 XL
- Samsung Galaxy S7
- Samsung Galaxy S8
- Samsung Galaxy S9
- Xiaomi Redmi 5A
- Xiaomi Mi A1
- Huawei P20
- Oppo A3
- Moto Z3
- All LG phones with Android Oreo
Google is preparing a security update
Next Monday, Google will begin sending a security update pertinent to this flaw. The update should correct any flaws and vulnerabilities related to this finding.
In these situations, Google typically warns businesses 90 days in advance before posting security reports. This happened to Apple for example, giving the company time to correct errors by not publishing sensitive information. However, in cases where vulnerabilities are proven on handsets, this time is reduced to a mere 7 days.
EBox editors recommend: