Though, MediaTek is trying to downplay the effects, it appears that sofware-related bug has resulted in a vulnerability in Android 4.4 KitKat powered Android phones. The vulnerability makes it possible for abusers to take advantage and could end up gaining root permissions to the device, bricking the device and even spying on users communications. MediaTek has confirmed the existence of the bug and assured that their security team is in the process of coming up with a fix.
Earlier this month, Justin Case a security researcher discovered and revealed the existence of the bug causing the vulnerability. MediaTek has also acknowledged the fact that there is a real chance for malignant exploits. The chipmaker based in Taiwan stated that the vulnerability arose from the failure of smartphone manufacturers to follow their request to have the debug function disabled prior the shipment of the handsets. However, the company did not disclose the exact manufacturers responsible, and due to this fact, it is still unknown which smartphone models affected by the bug.
Case basically sums up the bug and how the vulnerability could be taken advantage of, saying that the roperty space had been ‘nerved’ by MediaTek, making it possible for these properties to be altered by anyone, including even an app. He further added that a malicious app would not need an ADB authorization, all it could do is set properties such as the ‘ro.secure’ to 0, the ro.adb.secure prop to 0 and the ro.debuggable one to 1 and then over a Wi-Fi property, the ADB would be enabled and gain access to a local root shell.
QUICK NOTE: Free firmware downloads are made possible thanks in part to BlueHost Hosting & Dedicated Servers – Updato's #1 choice for hosting and storage solutions! Show your support and check 'em out.
The chipmaker has so far tried give little weight to the impact, even though a huge number of handsets are available on the market running on Android 4.4 KitKat which makes use of these chips. The company has avoided estimating the number of devices this bug may affect, however, they have disclosed that they are taking the necessary measures in ensuring that all the relevant manufacturers are notified about this issue.
Do you there exists a potential that this security vulnerability could affect your device? Are you satisfied by how MediaTek is tackling the issue? Share your thoughts in the comments section.
LATEST FROM YOUTUBE: