08 Feb 2019
Watch out! A single photo can compromise your Android phone
The cases of vulnerabilities affecting smartphones just don't seem to end.
The worrying part? They can do it just by sending a single image to your smartphone and you won't even realize.
Here's more on the bug and the potential attack it could lead to.
Image could be used to run malicious code
In a recent blog, Google acknowledged the vulnerability, noting that bad actors could use a single 'specially crafted' .PNG image to run malicious code on Android phones.
The photo, if opened, could give attackers 'privileged access' to run the malicious code.
And, the issue isn't on old phones; it affects devices running Android 7.0 Nougat, Android 8.0 Oreo, and Android 9.0 Pie.
But, what exploiting this bug could really do?
In the report, Google didn't exactly reveal how the bug or malicious photo in question could be used or what effect it might have on an Android phone.
However, the company did classify the issue as 'critical', stressing on the severity of the effect that exploiting the vulnerability would possibly have on an affected device.
Fix on the way, but millions remain at risk
Google claims if the bug on your phone is exploited, you won't even know that you have been targeted.
However, the company emphasized that there are no actual reports of hackers pulling off the attack and its fix has already been issued with the February 2019 security patch.
This means the vulnerability should be patched pretty soon.
Until then, open PNGs with caution
Having said that, it is important to note that third-party Android vendors like Samsung release security patches at different rates.
This means some Android users might have to wait a little more than others before the fix shows up on their device.
Either way, we recommend opening any PNG file with caution until the February patch hits your device.