Critical bug could have let hackers commandeer millions of Android devices

by
Dan Goodin
from Ars Technica - All content on (#5YDTB)
phone-security-800x534.jpeg

Enlarge (credit: Getty Images)

Security researchers said they uncovered a vulnerability that could have allowed hackers to commandeer millions of Android devices equipped with mobile chipsets made by Qualcomm and MediaTek.

The vulnerability resided in ALAC-short for Apple Lossless Audio Codec and also known as Apple Lossless-which is an audio format introduced by Apple in 2004 to deliver lossless audio over the Internet. While Apple has updated its proprietary version of the decoder to fix security vulnerabilities over the years, an open-source version used by Qualcomm and MediaTek had not been updated since 2011.

Together, Qualcomm and MediaTek supply mobile chipsets for an estimated 95 percent of US Android devices.

Read 9 remaining paragraphs | Comments

index?i=CaDetg-O10c:fOBLvy1Pvvo:V_sGLiPB index?i=CaDetg-O10c:fOBLvy1Pvvo:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments