News of market small network, connect high now express, the number that NCC Group discovered last year in March is the opens chip high hole of CVE-2018-11976, already last year the end of the year supplied safe patch to terminal manufacturer, already completed repair at present.
As we have learned, the flaw that this one number is CVE-2018-11976 but the confidential information that filch communicates the place inside chip high to store, affect the Android device that uses relevant chip.
After discovering this flaw last year, connect high already informed a client in October 2018, supplied safe patch to the client, at the same time as bilateral as NCC Group according to industry usual practice, talked things over to undertook announcing to this in April this year.
It is reported, this flaw needs to get kernel attributive ability to launch attack, that is to say, the premise that this flaw can be used is terminal has been inbreaked by deepness. If the user has been in,undertook updating, criterion this software flaw already received interest repair.
Gao Tongjiang is moved already last year the end of the year supplied safe patch to terminal manufacturer, did not discover any event that exploit this loophole happen up to now.
With trade security research organization collaboration discovers software flaw in time and supplying safe patch is industry convention practice. To terminal user, right after operation business or terminal manufacturer supply software patch terminal undertakes in time updating, and wait for a practice from application of safe applied shop download only, all can ensure the security of terminal. (proofread / Lee)
