A few days ago, NCC Group of orgnaization of code safety audit announced a heavy pound newses: Exceed 40 to open hole of chip existence bypass high.
The number of this flaw is CVE-2018-11976, discover last year March, reported connect high.
As we have learned, this flaw allows the confidential information of the memory inside aggressor filch chip, may affect the Android device that uses relevant chip finally. So how does the device that uses these to connect chip high do at present, insecure really? Authority is actually complete need not panicky, because this flaw got already,solve.
Had made clear in the report that NCC place provides mention, connect high already informed a client in October 2018, supplied safe patch to the manufacturer. This one flaw also is NCC is mixed connect high after talking things over, undertook announcing April this year according to industry usual practice.
In addition, the person that inbreak wants to pass secret of user of filch of this one flaw message is not simple also, because need of this one flaw gets kernel limits of authority,ability can launch attack. Simple for, inbreaked through other method deepness first only the mobile phone of the user, ability wins the limits of authority that uses this one loophole quite.
If the user had undertaken updating after the manufacturer supplies software patch, criterion this software flaw already received interest repair, equipment has done not have the safe hidden trouble related to this one flaw.
To the manufacturer, with trade security research organization collaboration discovers software flaw in time and supplying safe patch is industry convention practice.
And to the user, business of seasonable newer operation / the software patch that manufacturer place supplies, at the same time the choice downloads application from official channel, the mobile phone that all can avoid oneself on the oldest rate is inbreaked.
So, so called billions of connecting equipment high to be inbreaked is false alarm only actually, connect high combine terminal manufacturer rehabilitate already this one flaw, hold the user that opens chip facility high to need not worry completely, can continue happy use goes down.
