Google Fixes Critical PNG Security Bug, but Millions of Android Smartphones Still Vulnerable

But if you believe this is only a normal security upgrade, you may want to reconsider. Among those vulnerabilities fixed by Google might enable a hacker to seed malware just sending a photograph in PNG format. And when users start the picture, it activates the tap and allows bad actors to execute arbitrary code and wreak havoc.

But despite Google having recognized and fixed the matter, there’s little respite for those countless Android smartphone users on the market. Why? The February 2019 Android security upgrade has just been released for its Pixel smartphones, the Pixel C tabletcomputer, as well as the Vital Phone. Obviously, the amount of Pixel apparatus out there’s apparently nothing in comparison with the countless Android smartphones from some other brands. To further aggravate the matter, the vast majority of at-risk users have never been advised as to if their Android smartphone is going to obtain the February 2019 Android security upgrade and protect them.

Thus, what could be achieved in this circumstance? The optimal solution would be not to open a picture, especially a PNG file obtained via an untrusted email, SMS, or onto a messaging platform. To put it, launching the infected PNG file will trigger the tap and may open the floodgates for downloading malware onto the gadget.

The critical vulnerability was seen in three kinds (CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988) and impacts Android smartphones operating Android 7.0 or even a greater construct going all of the way around Android Pie. Google asserts that so much, no episodes of poor actors exploiting the important security bug have been reported up to now. Additionally, Google has notified all of Android spouses concerning the safety bug one month before publishing details of their vulnerabilities and also has introduced the code stains to the Android Open Source Project (AOSP) repository.

Even though Pixel users have obtained an upgrade to spot the crucial vulnerability, other smartphone manufacturers are yet to launch an upgrade to deal with the matter in their own offerings. Until this occurs, we recommend that you refrain from launching PNG documents obtained from anonymous individuals and download the security update when it becomes available.


Please enter your comment!
Please enter your name here