Qualcomm Firmware Vulnerabilities Expose 900 Million Devices, Including Security-Focused Smartphones

Status
Not open for further replies.
G

Guest

Guest
We keep hearing about these "massive vulnerabilities", but I've yet to see any actual real case exploit. Same thing with stagefright, and all those other "theoretical" problems.
 

kenjitamura

Distinguished
Jan 3, 2012
195
3
18,695
1


Google was probably also informed of the exploit at the same time as Qualcomm and started screening for applications that exploit the bugs before allowing them on the play store. So as long as people only get their apps from the play store they'd never be exposed to this problem. The only people that could have been affected by this are the ones that manually download apps off the internet and select "allow installation of unofficial apps" in the security settings of their Android phone.
 

Hydrotricithline

Distinguished
Jan 1, 2007
35
0
18,530
0
Is there anyway an end user and patch their phone, being a coding idiot myself. I own a oneplus two .. with 4 vulnerabilities including these ones.. or do we just sit and hope the carriers eventually pass us the patch?
 

scook9

Distinguished
Oct 16, 2008
826
0
18,980
0


In the article they mentioned that Qualcomm (and likely Google) were notified this spring, about 4-5 months ago. It is a safe bet that the monthly security update from google immediately following the notification included patches to fix the problem as well as updates to the AOSP base as well reflecting the patches. What the other manufacturers do from there though is not up to Google. Personally, this is one of the reasons I only plan on owning Nexus phones that get a monthly update from now on (that and I hate the OEM skins polluting the interface)
 

andy_newton

Distinguished
Mar 5, 2009
112
0
18,680
0
With so many logical fallacies, this author will not make it past English 101 if he takes the class in City College of San Francisco. So don't worry about a single word he writes.
 
Status
Not open for further replies.

ASK THE COMMUNITY