Android phones can be taken over remotely - update when you can | Malwarebytes

839

• (+3/-0)

Android phones can be taken over remotely - update when you can | Malwarebytes (www.malwarebytes.com)

TLDR; The exploit that can run code remotely is in the Bluetooth stack so you have to be within ~30ft of the attacker.

From the post: "Android phones are vulnerable to attacks that could allow someone to takeover a device remotely without the device owner needing to do anything.

Updates for these vulnerabilities and more are included in Google’s Android security bulletin for December. In total, there are patches for 94 vulnerabilities, including five rated as “Critical.”

The most severe of these flaws is a vulnerability in the System component that could lead to remote code execution (RCE) without any additional execution privileges required. User interaction is not needed for exploitation."

TLDR; The exploit that can run code remotely is in the Bluetooth stack so you have to be within ~30ft of the attacker. Archive: https://archive.today/GEaWf From the post: "Android phones are vulnerable to attacks that could allow someone to takeover a device remotely without the device owner needing to do anything. Updates for these vulnerabilities and more are included in Google’s Android security bulletin for December. In total, there are patches for 94 vulnerabilities, including five rated as “Critical.” The most severe of these flaws is a vulnerability in the System component that could lead to remote code execution (RCE) without any additional execution privileges required. User interaction is not needed for exploitation."

(post is archived)