Google Slacking Off? Critical Patch That Hackers Have Exploited for Months

Hacking
www.pxhere.com

Google seriously did not work fast enough for the patch(CVE-2020-0069); the exploit has been around for months only confirmed it on its March Android security bulletin. The said exploit affects millions of Android devices with Mediatek's 64-bit chipsets.

What Does The Exploit Do

XDA Developers is the whistleblower who mentioned that the exploit had been out for months already-stating that the vulnerability is a rootkit part of the CPU's firmware itself. This allows a simple script to be able to root Android devices that have MediaTek's 64-bit chips, which are more of the mid-range smartphones, tablets, and set-top box models.

How Many Users Were Affected

It's difficult to estimate the total number of users who were affected but based on statistics of global sales last year for all smartphones, and the majority of phones that were bought were of mid-range variants. It is safe to say that millions of millions of people's Android smartphones were at risk of this exploit.

Why Take So Long to Patch?

MediaTek had the patch ready since May of 2019. However, they couldn't force OEMs to fix their devices regardless if it is a known issue or not. Google, on the other hand, can do what MediaTek can't. It begs the question as to why did it take too long to do so since the fix was already available since last year.

What Might Happen if You Were Compromised?

The exploit has been out there for months already, so what makes you so sure your device is safe? You don't. Hackers can use the feat and can cause significant damage in so many ways. It is still exploitable on many device models out there, and hackers are actively using it. They can install malicious software in your smartphone and grant permissions that you would likely not do by yourself. The main issue here is that root access to your smartphone will be used for ransomware or make the entire device compromised and unusable. Other Android devices might not have the fix if the developers would not do anything about it, in all honesty, this seems to be the case if even Google took too long to respond. How about the rest?

What Did Google Do?

From a source of XDA, they stated that Google had known about the issue for months before it took steps to patch it. Still no response from Google about the problem as of the time or writing. This is a bad sign of thinking that Google has always been one of the top dogs in the tech industry but has opted to save their behind just now given how malicious the exploit could be for millions of their Android users.

Read More About: Apple Focuses on Six Mini-LED Products After Cancelling Tech Conference Due to Coronavirus

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics