Google finds Android zero day that can take control of Pixel and Galaxy devices

From The Verge: Security researchers with Google’s Project Zero team have disclosed an Android vulnerability that appears to have been exploited in the real world, ZDNet reports. The issue affects phones manufactured by Samsung, including the Galaxy S7, S8, and S9, as well as the Huawei P20, Pixel 1, and Pixel 2. An Android spokesperson said that an attacker would either need to get their target to install a malicious application or pair the attack with a second exploit via a program like a web browser. At that point, the exploit achieves “full compromise” of a device.

Instances of the exploit being used in the real world were discovered by Google’s Threat Analysis Group, which suggests that the exploit may have been used or sold by the NSO Group, an Israeli-based spyware vendor which was most recently behind a piece of spyware that can be injected into a phone via a WhatsApp call. The Verge has contacted the NSO Group for comment and will update this piece if it responds.

Since the bug is already being used by an exploit out in the real world, Google’s security researchers only gave the Android team seven days to fix it before making their findings public. The bug was first disclosed to the Android team on September 27th, and it was made public today.

In an odd twist, the researchers said that the same bug had previously been patched in December 2017, but it appears to have reemerged in subsequent versions of the Android kernel.

View: Article @ Source Site