Google has recently released its December edition of Android Security Bulletin. In this edition, Google revealed its findings – the presence of vulnerabilities in the Android operating system. The bulletin highlights three system vulnerabilities with a critical rating. While one of them is marked with ‘the most severe’ tag and is capable of resulting in ‘permanent denial of service.’ As per this security update, a specially drafted message can enable a remote attacker to cause a permanent denial of service. This DoS flaw, CVE-2019-2232, can only target the advanced versions of Android, i.e., Android 10 (2019), Android 9.0 Pie (2018), and Android 8.0 Oreo (2017). The other two critical flaws are CVE-2019-2222 and CVE-2019-2223. These two flaws exist in Android’s Media framework, impacting the user’s experience of utilizing a variety of standard media types: audio, video, and images.
Android Security Threats
The past couple of months didn’t bring any good news to Android users. In November 2019, the security research team at Checkmarx discovered a system vulnerability, allowing cyber attackers to access the Google and Samsung camera apps remotely. The flaw allowed perpetrators to snap photos and record audio clips. Then, as per another news article, Android’s new text messaging update that uses Rich Communication Services (RCS) can expose users to cyberattacks. And then there was “StrandHogg” vulnerability, the one that could grant the perpetrators unauthorized access to Android users’ messages and photos. It also gave them the liberty to steal login credentials. And with the recent report, now the attackers can cause a permanent denial of service by using a specially crafted message.
What is CVE-2019-2232?
According to the NIST National Vulnerability Database, due to improper input validation in the “handleRun of TextLine.java” can cause a crash of an application. This vulnerability does not require human interaction and can be exploited remotely.
Consider a scenario where the Android users get delayed in updating the system software. Now, the message to “update your software” hangs on their phone’s notification window. To finish the process quickly, the user then ends up clicking on the “yes” button. This could be a sophisticated plan by an attacker to gain access to the user’s device.
Security patches for an android security threat
The critical flaw has already been released to the Android Open Source Project (AOSP), a branch of Open Handset Alliance (OHA). AOSP is an initiative that guides the development of the Android operating system. Well, even though the flaw is transported to the AOSP repository, it’s the responsibility of the device manufacturer to release a security patch. Samsung officially released a disclaimer stating that the delivery time of security updates vary depending upon the regions and models.
While the Google Pixel users will receive this update more quickly than any other manufacturers, still it generally takes one and a half weeks to fix the vulnerability. Apart from that, the newer devices receive updates sometime sooner than the older devices. There’s another issue that highlights the value of the brand of the manufacturer, implying that the users of obscure brands never even receive the required security patches.
One recommendation to stay protected is to check the security patch level of the device for avoiding any security incident.
All About Denial of Service Attacks
What do you mean by denial of service (DoS)?
Under a denial-of-service (DoS) attack, a cyber threat actor restricts an authorized user from accessing the personal data or resources. These attacks affect a wide range of services, including private data, emails, online accounts, websites, and other platforms. It can target individual computers or an entire network system.
How does a denial of service work?
Under a DoS attack, the cybercriminal floods the targeted host with continuous network traffic until it crashes or stops responding to the incoming requests. The victimized system eventually prevents even the legitimate user from accessing the authorized data. The organization affected by this attack faces a loss of money and time with inoperative systems.
How does a denial of service (DoS) attack differ from a distributed denial of service (DDoS) attack?
The most uncomplicated execution of a DoS attack is initiated from a single origin. Under this attack, the only machine sends in the payload of network traffic to the targeted servers or devices. While in a DDoS attack, the flooded traffic comes from hundreds and thousands of sources. In the former case, the attack can be stopped by blocking the single IP address, but in the latter case, it is impossible to differentiate between genuine and fake network traffic.
With the continuous emergence of critical flaws in the Android operating system, the users need to keep their smartphones updated with the latest software patch. Besides which, they should also rely on manufacturers who consider security updates as necessary as the features of a phone. Stay alert with Certified Secure Computer User (C|SCU), especially when it comes to a smartphone as it carries an abundance of private data! The program efficiently helps in keeping information assets protected and secured from various kinds of cyberattacks, including the threats that can target smartphones.