CyberNews Briefs

Samsung patches 0-click vulnerability impacting all smartphones sold since 2014

Samsung released an update this week that patches a 0-click vulnerability that impacts all phones sold by the vendor since 2014. Google’s Project Zero bug-hunting team discovered the flaw, which lies in how the Android OS running on Samsung phones handles Qmage image format that is custom-made and supported on all devices since 2014.

Mateusz Jurczyk, a security researcher with Project Zero, reportedly discovered a way to exploit how the Android graphics library (Skia) manages Qmage images sent to a device, stating that the bug can be exploited in a zero-click scenario. This means that the vulnerability can be exploited without user interaction, and is a result of Andriod redirecting images sent to a device to the Skia library for processing.

Read More: Samsung patches 0-click vulnerability impacting all smartphones sold since 2014

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.