Android 4.3 (and not only) with a gap allowing for stealing SMS – PC World

Android discovered a dangerous vulnerability, which allows mainly to attack users of devices with “the robot” in version 4.3.

->
 

Mandiant Red Team from the company FireEye reported the detection of vulnerabilities in software from Qualcomm, which is part of the Android Open Source Project. It is widely present susceptibility to Android devices, which allows an attacker to perform various tasks, including browsing the database SMS and history.

“Each application can interact with the API without calling any warnings. Google Play probably not will flag them as malicious and FireEye Mobile Threat Prevention (MTP) initially also it is not detected. it seems very unlikely that he did it any antivirus. “ – warns FireEye.

See also:

the vulnerability identified as

CVE-2016-2060 primarily affects users of Android 4.3, the system Android 4.4 and 5.0 are vulnerable to it, to a lesser extent, . It has existed since 2011 and has already been patched by Qualcomm, which has informed about this fact OEM partners in March 2016 year. These companies must now make a patch for users of its devices. It is certain, however, unfortunately, that some of them we will never live to see.

Google has removed the vulnerability in early May with the release of the next newsletter security.