A new 'Stagefright' vulnerability*uncovered by security researchers at Zimperium zLabs*could compromise your Android phone*just by opening*an MP3 file. https://blog.zimperium.com/zimperiu...me-new-vulnerability-processing-mp3mp4-media/
I hope Sony fix this for our devices.
This is probably 10x worse than the vulnerability with processing mms. A website need just have a pop up or page redirection to a coded mp3/mp4 file, such an exploit could destroy android and so I'd expect them to patch it across the whole family of Android software versions as a matter of urgency.
Sent from my D2303 using Tapatalk
Hi All
I created a custom rom for SM-T705, (fenris) its a very security aware project.
Unfortunately ALL the AOSP/Lineage offerings have no working fingerprint, bugs, or both so I was stuck with a TouchWiz base.
Now having worked it into something different and special I have come to the issue of security updates.
As research goes it seems Samsung only push monthly/quarterly updates to some selected devices, NOT MINE
https://security.samsungmobile.com/etc/qsmr_list.html
Any ideas on a way to proceed?
Obviously the entire rom is effectively proprietary, with much effort needed to decompile to source.
What I would like is to match Google's security patch level
I am doing a BlueBorne patch myself by decompiling the Bluetooth stack, but that's just 5 vunrabilities out of 40 odd just in September !
Hi all,
It's look very strange that before 2015 there was so low CVE declared for Android (Between 1 and 13).
In 2017 there was more than 800, and CVE was growing since Google started to publish officially his security updates (since August 2015).
https://source.android.com/security/bulletin/2015-08-01
For Exemple in 2013 the CVE-2013-6282 wasn't reported in Android section, but in Linux. Checkpoint listed this in the top CVE for Android ! https://blog.checkpoint.com/2013/12/10/the-2013-android-vulnerability-of-the-year/
And some vulnerability from this website are also missing : http://androidvulnerabilities.org/by/year/
So the view in cvedetails.com and vulnerabilitycenter.com isn't correct.
We need perhaps to add all Linux Kernel CVE to Android CVE to have a better view. (https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33)
Did you know a better view with all CVE for Android?
Check here :
https://www.cvedetails.com/product/19997/Google-Android.html?vendor_id=1224
https://www.vulnerabilitycenter.com/#[email protected]
Thanks.
My phone got the November security update today. It was about 65MB in size, and it doesn't have anything else in the changelog. I believe the Android 10 is coming at the end of the year, hopefully.
EDIT: I have Ambient Mode now on my phone. I can't post screenshots but it appeared right when I plugged my phone in charge. It works like a charm!
Where do you get this option bro?
Follow the instructions here:
https://www.google.com/amp/s/www.theandroidsoul.com/how-to-enable-google-assistant-ambient-mode/amp/
Ambient mode coming to various Nokias starting with two of them?
Ambient mode coming to various Nokias starting with two of them?
AS per this its coming to various Nokia phones starting with these two...
Can folks check if other ones are also getting it?
https://nokiamob.net/2019/11/16/nok...ot-the-new-ambient-mode-for-google-assistant/
Besides the Nokia 6.1, other Nokia smartphones with Android One also started receiving a new feature related to Google Assistant. The Ambient Mode was announced with the Nokia 6.2 and Nokia 7.2 in September, as a timed exclusive in the smartphone market, and this week Google started releasing it to more devices.
As Nokioteca.net reported, the new feature is available for the Nokia 9 PureView, Nokia 8.1 and Nokia 7.1, as far as they can confirm. The Ambient Mode is probably rolling out to other Nokia smartphones and smartphones from other manufacturers as well.
If your device received the new feature, do leave a comment so we can update the article. ?
Photo: 9to5Google
Update: The Ambient Mode is also available for Nokia 3, Nokia 3.2, Nokia 7 Plus, Nokia 6.1 Plus and others. To check availability you can go to “Settings, Google, Account services, Search
assistant & voice, Google Assistant, Assistant, Phone (Assistant devices)”. Thanks Alessio for the details. ?
December update
Just received December 5th update today
kzamri said:
Just received December 5th update today
Click to expand...
Click to collapse
Me too, and the OEM unlock bootloader option is still present.
This morning I updated my S21+ to this new version (G996USQS4AUIN) - I have found nothing new in this release to report yet. No AT&T release notes either. As a matter of fact, the latest release notes shown in the AT&T Support site is still stuck at the July 1 Security Patch Level. If you find something new/fixed/improved in this release, please share your finds here.