MediaTek confirms bug that affects Android devices running its chipsets

MediaTek has officially confirmed the existence of a software bug that has put several Android devices running the company's chipsets at risk. The chip-maker says the issue in question only affects Android 4.4 KitKat devices.
First reported by security researcher Justin Case earlier this month, the bug could potentially allow an attacker to enable root access on a vulnerable device. "Root user could do many things, such as access data normally protected from the user/ other apps, or brick the phone, or spy on the user, monitor communications etc," Case said.
For its part, MediaTek explained that the vulnerability stems from a debug feature that the chip-maker said smartphone manufacturers should have disabled before shipping the devices.
"We are aware of this issue and it has been reviewed by MediaTek's security team. It was mainly found in devices running Android 4.4 KitKat, due to a de-bug feature created for telecommunication inter-operability testing in China," a MediaTek spokesperson said.
"After testing, phone manufacturers should disable the de-bug feature before shipping smartphones. However, after investigation, we found that a few phone manufacturers didn't disable the feature, resulting in this potential security issue."
MediaTek, however, didn't provide anymore details, just saying that the issue affects "a portion of devices" from "certain manufacturers," and adding that it has alerted all manufacturers about the feature.
Source | Via

Comments

Popular posts from this blog

iPhone 8 Plus and iPhone 8 now rule DxOMark's rankings with best smartphone cameras ever tested

Microsoft has laid Windows Vista to rest

Google confirms that it's launching two flagship Android Wear smartwatches in early 2017

Samsung Galaxy Tab 4 7.0 LTE

HTC Desire 501

Samsung explains the new tech behind the Galaxy S5 Super AMOLED display