- Joined
- Jun 21, 2020
- Messages
- 5,633
- Reaction score
- 1,368
- Points
- 1,012
- Awards
- 4
Companies respond to vulnerabilities after specialist intervention.
Cybersecurity company Oversecured has discovered problems in Android applications from Xiaomi and the Google Android Open Source Project (AOSP) affecting users around the world.
The study identified 20 vulnerabilities related to unauthorized access to system data, file theft, and leaking information about your phone and accounts. Some of the problems were caused by errors in the AOSP code changes made by Xiaomi, including errors in the System Tracing apps and Settings that could lead to data leaks about Wi-Fi and Bluetooth devices.
According to the representative of Xiaomi, the company has made every effort to eliminate the detected 20 vulnerabilities. As a result, all security issues were eliminated, and now Xiaomi assures that risks for users are excluded. Users are encouraged to install the latest software updates to ensure maximum protection.
As for Google, the company also faced security issues in its AOSP code. In particular, vulnerabilities were discovered in Pixel apps that allow you to access geolocation via the camera and files via the WebView component. Google confirmed the fix and prioritized user security, emphasizing the importance of working with security researchers to improve the protection of the Android ecosystem.
However, some critics point to Google's slowness in addressing vulnerabilities, which, in their opinion, requires improving the development and testing of security updates.
As a result of the work carried out, both companies confirmed their interest in improving the level of security and protection of user data, emphasizing the importance of rapid response to detected problems.
Cybersecurity company Oversecured has discovered problems in Android applications from Xiaomi and the Google Android Open Source Project (AOSP) affecting users around the world.
The study identified 20 vulnerabilities related to unauthorized access to system data, file theft, and leaking information about your phone and accounts. Some of the problems were caused by errors in the AOSP code changes made by Xiaomi, including errors in the System Tracing apps and Settings that could lead to data leaks about Wi-Fi and Bluetooth devices.
According to the representative of Xiaomi, the company has made every effort to eliminate the detected 20 vulnerabilities. As a result, all security issues were eliminated, and now Xiaomi assures that risks for users are excluded. Users are encouraged to install the latest software updates to ensure maximum protection.
As for Google, the company also faced security issues in its AOSP code. In particular, vulnerabilities were discovered in Pixel apps that allow you to access geolocation via the camera and files via the WebView component. Google confirmed the fix and prioritized user security, emphasizing the importance of working with security researchers to improve the protection of the Android ecosystem.
However, some critics point to Google's slowness in addressing vulnerabilities, which, in their opinion, requires improving the development and testing of security updates.
As a result of the work carried out, both companies confirmed their interest in improving the level of security and protection of user data, emphasizing the importance of rapid response to detected problems.