The March 2020 Android security update released on the first Monday brought, among many other things, a solution with some very serious risks that has affected the Android platform for a long time.
This is explained on the portal XDA, where it exposes the functionality of this "dangerous" footprint million devices with MediaTek processor in the last months, and it is known that it has been actively exploited by attackers for the purpose of infecting mobile users.
Millions of Android phones, threatened by the threat of MediaTek presence
As they explain on that site, the accident was discovered almost by accident is one of the community members of XDA when looking for a way to get advanced rights to Amazon Fire tablet software.
And that after various experiments conducted by other members of the public, it was concluded that this was the case exploit, which was created and used for Amazon Fire devices, too Works on all devices with 64-bit MediaTek processor
From that moment on, they started out texts and tools based on this exploit allowed to obtain advanced privileges on devices with a MediaTek chip, including modification of the Linux security module -SELinux- to "allowed", which would allow all access, including unauthorized, to device software.
In theory, the threat would have jeopardized all MediaTek processor equipment, except those from firms such as Live, Huawei / Honority from Android 8 and Samsung, because this signing is changing the resources of their repositories in an attempt to contain this kind of exploitation that gives approval to the chief executive. However, they explain that with a little extra effort some kind of institutionalization can be created.
However Why is it so dangerous? To understand it, you must remember that, usually, before getting approval root
However, using exploit MediaTek-su, you would not even need to boot the device bootloader to get advanced privileges, pave the way for a possible attack, because attackers will need to set up an script on the victim's cell phone and rush it to reach root Temporary – until the user reuses the phone. Today, there are indications that suggest that many applications have been taking advantage of this vulnerability A few months ago, some of them were available on Google Play for ages.
As described in XDA, A solution to this vulnerability is included with the Android security update corresponding to the month of March, the aforementioned has already begun among the Pixel series models. The most surprising thing is that Google has decided not to disclose details about the biggest security problem so far, or that MediaTek has found a solution about 10 months ago.
But there is one additional problem: given the tendency of manufacturers to use MediaTek chips in their less expensive locations, it may be a large number of affected devices cannot find a safety boat that fixes this vulnerability up to several months, if they get it at a specific time. Currently, owners of MediaTek-based devices that they think may be affected can test you using script developed by a member of XDA obtaining advanced permits for this type of terminals. If this works, I'm afraid your phone has been exposed to attacks based on this exploit until you get an equivalent security update.
Follow ANDRO4ALL
