Samsung finally fixes the known "0-Click" vulnerability


Samsung has come a long way since it began making Android devices. Its early problems mainly concerned software: updates were released slowly and there were several system bugs. A critical vulnerability was discovered in 2014, involving all smartphones released in 2014 and later.

The security flaw concerns the way Samsung handles the custom Qmage image format (.qmg).

Samsung smartphones have used it since 2014. Mateusz Jurczyk, a researcher on Google's Project Zero team, discovered a way to exploit Skia, the Android graphics library that handles all the Qmage images sent to the device.

According to Jurczyk, the bug can be exploited without the user interacting with the device. This is possible because Android sends every image that arrives on the device to the Skia library for processing, generating thumbnail previews without the user's knowledge.

All Samsung devices capable of handling SMS and MMS may be vulnerable to this flaw. According to Jurczyk, the bug was exploited by sending repeated MMS messages to a device from the Korean manufacturer. Each message helps to guess the position of the Skia library in the phone's memory, which makes it possible to get around Android's ASLR (Address Space Layout Randomization) protection.

Once the library has been located in memory, the last MMS delivers the Qmage payload, which leads to the execution of the attacker's code. According to Jurczyk, a successful attack requires 50 to 300 MMS messages before ASLR protection can be bypassed. All of this can be done without the user noticing anything and without any notification reaching the victim.

This technique can be used against any app running on a Samsung device and can be carried out completely remotely. Fortunately, Samsung fixed this major vulnerability in its latest security update, released in May.

The old habits have therefore given way to a significant change of pace at the company, with updates now released monthly. For anyone who wants to buy an Android smartphone, relying on Samsung is one of the most sensible choices to make right now.

Until now, other manufacturers' smartphones have not been affected by this technique, so it seems that Samsung was the only company under attack.