CERT-In Warns of Over 50 Security Flaws Affecting Android Smartphones: All You Need to Know

CERT-In — or Indian Computer Emergency Response Team — has warned of several security vulnerabilities affecting multiple versions of Android. These security flaws, if exploited by a malicious user, could be used to execute dangerous code, collect sensitive data, and launch a denial-of-service (DoS) attack on a victim. The security vulnerabilities affect three major versions of Android, across various parts of Google's operating system (OS) — from the framework to components from Arm, MediaTek, Qualcomm, Unisoc, and others, according to the cybersecurity agency.

In a vulnerability note issued earlier this week, CERT-In lists out 51 security flaws affecting the Android OS. The nodal agency responsible for dealing with cybersecurity issues and threats has issued a critical severity rating for the vulnerability note. All the entries listed by CERT-In have been assigned a Common Vulnerabilities and Exposures (CVE) number.

According to CERT-In, these vulnerabilities affect Android 13, Android 12, Android 12L, and Android 11. It is currently unclear whether Android 14 is also affected as the source code for Android 14 was published a few days before the advisory was issued.

The 51 security flaws listed by CERT-In affect various parts of the Android operating system from the Android framework, the Android system, and Google Play system updates. Meanwhile, software for components not directly controlled by Google, including those from Arm, MediaTek, Unisoc, and Qualcomm, are also affected by these vulnerabilities.

Attackers who exploit these flaws could potentially elevate their privileges on a target's smartphone, execute arbitrary (and malicious) code, extract sensitive information, and even perform a denial-of-service (DoS) attack, according to CERT-In.

Two of these flaws — CVE-2023-4863 and CVE-2023-4211 — could be actively exploited by attackers, and users should apply security patches "urgently", according to the agency. These flaws relate to the Chromium engine that powers Google's browser, and GPU memory processing operations on Android, respectively.

Users running on Pixel smartphones can install the latest update that includes the October security patches. Unfortunately, users who own smartphones from other manufacturers will have to wait until a security update is released along with fixes for these security flaws.

Is the Samsung Galaxy Z Flip 5 the best foldable phone you can buy in India right now? We discuss the company's new clamshell-style foldable handset on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

from Gadgets 360 https://ift.tt/vs2ip94

Xiaomi Offers Free Xiaomi 12 Pro Upgrade to Mi 11 Ultra Users Facing Wi-Fi Issues

Xiaomi is offering a free upgrade to a Xiaomi 12 Pro for Mi 11 Ultra users who are facing Wi-Fi issues. These users also have the option to further upgrade to the company's latest Xiaomi 13 Pro by paying an extra fee of Rs. 30,000. Just recently, the company extended the warranty of the Mi 11 Ultra alongside other smartphones by two years, after users complained of camera and motherboard issues. The current offer — including the free upgrade and the paid one, is extended to the Mi 11 Ultra users who are having trouble with Wi-Fi on their handsets. The Xiaomi India President Muralikrishnan B announced the offers in a video message via Twitter. He added that the Mi 11 Ultra users who had previously paid and upgraded their handsets to the Xiaomi 12 Pro will be offered a full refund. They will need to contact the company online or through the nearest Xiaomi service centre. Notably, this refund is only applicable to users who upgraded their handsets due to Wi-Fi issues....

Softbank CEO Says He is Heavy User of ChatGPT Speaks to OpenAIs Sam Altman Often

SoftBank Group 's Chief Executive Masayoshi Son said on Tuesday he is a "heavy user" of ChatGPT, the artificial intelligence-powered chatbot from Microsoft -backed startup OpenAI. Son said he is speaking "almost everyday" to OpenAI CEO Sam Altman , who has made high-profile visits to Tokyo this year as he looks to capitalise on interest in generative AI and exert influence on the regulation of the burgeoning technology around the world. "I am chatting with ChatGPT everyday - I am a heavy user," Son told shareholders of the group's telecoms subsidiary. Son has stepped back from public pronouncements in recent months to focus on the planned listing of chip designer Arm as his technology investment conglomerate books heavy loss due to the sliding value of its portfolio. The group holds its annual general meeting on Wednesday with the market looking for details of Son's investment outlook at a time when excitement over AI is driving capital...

Amazon Restores AWS Cloud Services After Power Outage

Several apps and websites, including those of Hulu, Slack, and Epic Games, were up and running after being hit by a brief power outage at one of Amazon's data servers on the US East Coast. from NDTV Gadgets - Latest https://ift.tt/3ek1Yba

Techall for you

Search This Blog