Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

LG's January security patch fixes several flaws and exploits exclusive to LG pho ...

$
0
0

LG is working diligently to bring its major Android devices up to date with Google's monthly security patches and fixes of its own. The company has published its January Security Bulletin, describing several vulnerabilities and exposures which have been addressed in its G (G3, G4, G4 Stylus, G Stylo, G5), V series (V10, V20), and CK series. Sadly, it seems the company's budget models (such as its X and K series) aren't privileged to this kind of support, but such are the wayward ways of Android device makers sometimes.

Regardless, the maintenance release contains fixes for eight vulnerabilities strictly related to LG phones. One is rated as critical, two are rated as high, four are moderate, and the last is low. The fixes will prevent an application that logs personal information to storage from being started without user consent, stop malicious apps from executing arbitrary code, close an exploit that leads to read/write access to kernel memory, and close off other vulnerabilities. LG describes the one critical vulnerability as "most severe," with its possibility of enabling remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.

The update is yet to go live, and in a sort of unprecedented move, LG's announcement actually precludes Google's official Android security bulletin for January 2017. We reckon the update will be released soon, with announcements by Google and other manufacturers such as Samsung going live as well.

ALSO READ

Viewing all articles
Browse latest Browse all 12749

Trending Articles