Google to Update Android Nougat Quarterly
As Google begins rolling out the next version of Android, called Nougat, to users this week, the company already is planning a new strategy for providing updates to the operating system more frequently. Traditionally, Google has updated Android essentially once a year, putting a new major release about every 12 months. But as the mobile […]
Big Chunk of Android Devices Vulnerable to TCP Hijacking Bug
The TCP hijacking vulnerability in Linux disclosed last week also affects about 80 percent of Android phones in use right now, researchers said. The bug in question lies in the Linux kernel and has been there since version 3.6 of the kernel. It allows an attacker to hijack a TCP session by inferring the TCP sequence […]
New Attacks Can Monitor Keystrokes, Steal Sensitive Data from Android Phones
Researchers from an Austrian university have developed techniques that allow them to perform cache attacks on non-rooted Android phones that can monitor the keystrokes, screen taps, and even observe code execution inside the ARM processor’s TrustZone secure execution environment. The attacks the team developed are complex and rely on a number of individual building blocks. […]
Critical Qualcomm Flaws Threaten 900 Million Android Devices
Researchers have detailed four vulnerabilities in Android, caused by bugs in Qualcomm chipset drivers, that allow an attacker to get complete control of a vulnerable device. Three of the vulnerabilities already have been patched in August’s Android security update, but the fourth one has not been fixed yet. Researchers at Check Point discovered the vulnerabilities […]
Lessons Learned From the Android Stagefright Bug
LAS VEGAS–Security engineers and developers typically view vulnerabilities as problems, things to be avoided. But they also can be valuable learning opportunities, especially for a the engineers on Google’s Android security team who are trying to protect more than a billion devices. Android is by far the most widely deployed mobile operating system, and its […]
Google Patches Dozens of Critical Bugs in Android
Google has just released fixes for a pile of vulnerabilities in Android, including three dozen critical flaws in Qualcomm components that affect the operating system. The August patch release from Google is, like last month’s, split into two separate patch levels. The August 1 level contains a small subset of the fixes that are included […]
Android Nougat to Include Upgraded Security
As attacks on mobile devices continue to evolve and become more sophisticated, Google is enabling new security mechanisms in Android, including a number of additional memory protections and an extension of the operating system’s sandbox. The next version of Android, known as Nougat, will benefit from these security upgrades, which are designed to provide better memory protection and […]
Apple Needs a Patch Schedule for iOS
Android users don’t have many things they can point to when it comes to security advantages over iPhone users. The iOS platform is considered significantly safer and more resistant to attack than Android, as are the devices. But when it comes to the patching schedule, if not the process, Google has it all over Apple. In […]
Google July Android Update Fixes Dozens of Bugs
Google has released a huge security update for Android that fixes dozens of vulnerabilities, including a number of critical flaws that allow remote code execution. In an unusual move, Google released two distinct sets of patches: July 1 and July 5. The July 5 level has many more fixes, and Google said it separated the […]