[Android Security Update] 2020-01 - Nokia 7.2 Guides, News, & Discussion

I have a couple of Nokia 7.2 phones for me and the family. Google's security patch for January 2020 (aka 2020-01) is starting to trickle down to them.
Those on a custom ROM reliant on patched monthly boot image should not update until they are completely aware of the ramifications regarding Magisk/Root-enabled access.
Screenshot attached.

Writing from my Nokia 7.2 (Stock + Magisk) I can confirm that the patch won't install if you're rooted (I assume the modified boot is the culprit, not sure though). Gives some safety to those of us who haven't disabled the "update on reboot" setting.

Just received the latest update. 1.5Gb. Still on Android Pie tho (build 00WW_1_400)

kzamri said:
Just received the latest update. 1.5Gb. Still on Android Pie tho (build 00WW_1_400)
Click to expand...
Click to collapse
Yep. My bootloader is unlocked. Just waiting for 10 before I apply Magisk again.
I mainly just want to apply Energized to block the annoying ads.
Wish Nokia would hurry up and release the 10 update. ?
Sent from my Nokia 7.2 using XDA Labs

Riccorbypro said:
Writing from my Nokia 7.2 (Stock + Magisk) I can confirm that the patch won't install if you're rooted (I assume the modified boot is the culprit, not sure though). Gives some safety to those of us who haven't disabled the "update on reboot" setting.
Click to expand...
Click to collapse
Can confirm the same thing. I imagine the next cycle will be a patched January boot image. I'm not familiar enough with Magisk to break it down like that.

February security patch is online.

Related

Amazon Prime Ads Moto G4 September Security Update NPJ25.93-14.7

I am using the XT1625 bootloader unlocked Amazon Ads version.
ENHANCEMENTS
This update introduces changes including the following:
- Android Security : Includes the updates of
Android security patches through September 1st 2017.
- SD card stability improvement: Includes bug fix that improves the SD card functionality
OTA File Link:
NPJ25.93-14.7 Size 35.4mb
https://drive.google.com/file/d/1kg6oRfRN0v4nkvF0s0Enor2AS2AWxF27/view?usp=drivesdk
Moto G4 PLUS Xt1644 retusa receiving same update message as of two days ago.
I have an XT1625 on NPJS95.14-8 (higher than your 14-7) and it tries to install the OTA update and fails quickly once in recovery. I suspect an assert() failure on the system version.
Still, none of these have the October patchlist which fixes KRACK.
E
P.S. My XT1644 runs LineagOS 14.1.2017-1113
gavron said:
I have an XT1625 on NPJS95.14-8 (higher than your 14-7) and it tries to install the OTA update and fails quickly once in recovery. I suspect an assert() failure on the system version.
Still, none of these have the October patchlist which fixes KRACK.
E
P.S. My XT1644 runs LineagOS 14.1.2017-1113
Click to expand...
Click to collapse
1)The OTA listed above requires an Amazon device.
2)Looking at the updater script, this OTA and the non-Amazon OTA for NPJ25.93-14.7 requires NPJ25.93-14.5.
Code:
Package expects build thumbprint of 7.0/NPJ25.93-14.7/7:user/release-keys or 7.0/NPJ25.93-14.5/5:user/release-keys
As you've flashed NPJS25.93-14-8 (the retail, non US June 2017 update), this takes you off the update path for US devices. I do not know if you can flash NPJ25.93-14.5 (which has the June 2017 patch as well) and update via OTA without issue. https://androidfilehost.com/?fid=673368273298984458 for NPJ25.93-14.5, https://androidfilehost.com/?fid=817906626617945295 for NPJ25.93-14.7 (both non Amazon), or NPJ25.93-14.5 for Amazon devices: https://androidfilehost.com/?fid=817550096634798183
Either way, you are correct this OTA doesn't have the Krack patch, for official stock updates you'd have to wait for the 06 November 2017 or December 2017 security patch levels. I recall custom ROMs such as Resurrection Remix and Lineage OS have the Krack patches in place.
echo92 said:
1)The OTA listed above requires an Amazon device.
2)Looking at the updater script, this OTA and the non-Amazon OTA for NPJ25.93-14.7 requires NPJ25.93-14.5.
Code:
Package expects build thumbprint of 7.0/NPJ25.93-14.7/7:user/release-keys or 7.0/NPJ25.93-14.5/5:user/release-keys
As you've flashed NPJS25.93-14-8 (the retail, non US June 2017 update), this takes you off the update path for US devices. I do not know if you can flash NPJ25.93-14.5 (which has the June 2017 patch as well) and update via OTA without issue. https://androidfilehost.com/?fid=673368273298984458 for NPJ25.93-14.5, https://androidfilehost.com/?fid=817906626617945295 for NPJ25.93-14.7 (both non Amazon), or NPJ25.93-14.5 for Amazon devices: https://androidfilehost.com/?fid=817550096634798183
Either way, you are correct this OTA doesn't have the Krack patch, for official stock updates you'd have to wait for the 06 November 2017 or December 2017 security patch levels. I recall custom ROMs such as Resurrection Remix and Lineage OS have the Krack patches in place.
Click to expand...
Click to collapse
Wow - that was INCREDIBLY helpful, and thank you very much. Not only that, you provided the links to 14.5 and 14.7 so I didn't even have to search for them. Again, thank you!!!
Ehud
Do you know if the ATHENE_AMZ_NPJ25.93-14.7 version is out? I only see the NPJ25.93-14.7 for non Amazon. I really wish I could switch the from AMZ update channel to the Retail. It has to be possible with the bootloader unlocked to flash a retail version. I have searched, but no one has been able to change the update channel.
I guess if I want to have a fresh install, I would have to flash the 14.5 Amazon version and do the OTA for the 14.7.
Danny1976 said:
Do you know if the ATHENE_AMZ_NPJ25.93-14.7 version is out? I only see the NPJ25.93-14.7 for non Amazon. I really wish I could switch the from AMZ update channel to the Retail. It has to be possible with the bootloader unlocked to flash a retail version. I have searched, but no one has been able to change the update channel.
I guess if I want to have a fresh install, I would have to flash the 14.5 Amazon version and do the OTA for the 14.7.
Click to expand...
Click to collapse
Just curious...have you been able to stop the ads? I'm also on a bootloader unlocked XT1625 Amazon G4 and have version NPJ.93-14.5. I'm rooted, but regardless, the lockscreen ads continue despite clearing and disabling com.amazon.phoenix and xom.amazon.widgets.
Sent from my SM-N950U using Tapatalk
ferzmedina said:
Just curious...have you been able to stop the ads? I'm also on a bootloader unlocked XT1625 Amazon G4 and have version NPJ.93-14.5. I'm rooted, but regardless, the lockscreen ads continue despite clearing and disabling com.amazon.phoenix and xom.amazon.widgets.
Click to expand...
Click to collapse
Yes I have. I didn't disable, but deleted the Phoenix.
I don't have any ads.
ferzmedina said:
Just curious...have you been able to stop the ads? I'm also on a bootloader unlocked XT1625 Amazon G4 and have version NPJ.93-14.5. I'm rooted, but regardless, the lockscreen ads continue despite clearing and disabling com.amazon.phoenix and xom.amazon.widgets.
Click to expand...
Click to collapse
I used a file manager and looked for system apps and deleted the Phoenix one only. I still have the widget app. I used solid explorer, but es File Explorer works also.
I am waiting for the ATHENE_AMZ_NPJ25.93-14.7 myself. Is it available yet?
Bricked my phone when i installed the retail version of NPJ25.93-14.7 in a bootloader locked amazon version and the phone wont pass of the recovery menu saying an unauthorized version is installed. Searched the web for a while now and only ATHENE_AMZ_NPJ25.93-14.5 is available and i can not downgrade.
Any help will be appreciated
ernienina said:
I am waiting for the ATHENE_AMZ_NPJ25.93-14.7 myself. Is it available yet?
Bricked my phone when i installed the retail version of NPJ25.93-14.7 in a bootloader locked amazon version and the phone wont pass of the recovery menu saying an unauthorized version is installed. Searched the web for a while now and only ATHENE_AMZ_NPJ25.93-14.5 is available and i can not downgrade.
Any help will be appreciated
Click to expand...
Click to collapse
Check here: https://androidfilehost.com/?fid=817906626617956922
Haven't d/l myself, your risk.
Sent from my SM-N950U using Tapatalk
Thank you !
It worked for me.
I am back into the game

New update incoming

Not sure what it contains
Edit
[Only security update]

			
				
It's just security update they are too dumb to give it, it's stupid cause they will lose lot of customer with that
G8 has it lol enough said
Whats the name and month of the update?
@cre4per, what's the new software version?
10k Feb 1 security
Hmm running 10q
Is your phone branded?
this was for the tmo us variant i believe.
Security uodate
I got it a few days ago, Feb 1 security update. LG G710EM, branded (Poland), software version updated to v10s-260-06.
Moozg said:
I got it a few days ago, Feb 1 security update. LG G710EM, branded (Poland), software version updated to v10s-260-06.
Click to expand...
Click to collapse
Nothing here in Sweden, still on q.
maydayind said:
Hmm running 10q
Is your phone branded?
Click to expand...
Click to collapse
Bell Canada g710awm
xeizo said:
Nothing here in Sweden, still on q.
Click to expand...
Click to collapse
In Belgium. I just got my LG G710EM replaced. The new unit is on p (November security) and no update is available.
This is my third (and last) G7. The volume button stuck on the first one and the second one's charging port failed after three weeks. I can deal with out-of-date software but quality control is worrying me.
I want LG to not to roll Android Pie update and directly roll Android 10 as soon as it gets available.
Android Pie doesn't make any sense now that 7 months have been passed and Android 10 is just 4 months away.
Android 10, may be next decade. New update is just security patch that too Feb security patch
cre4per said:
Not sure what it contains
Edit
[Only security update]
Click to expand...
Click to collapse
Just received the update v10t-feb28-2019 on my Indian 64gb variant. These are the following changes I found till now:
1. New keyboard layout
2. VoLTE option to be enabled/disabled
3. Google Feed coming up instead of smart menu when swipe left
4. Phone became a bit smoother
5. Photos taken from stock camera look a bit cleaner
6. And of course the Feb security patch
I tried to install the "s" update kdz, Polish version using LG UP, as Sweden looks to be left in the cold. It installed 100% without errors but then got stuck at boot, I had to do a error recovery: power + volume down, when the phone reboots; at exactly that moment switch to volume up and insert the usb cable at the same time and then use LG Bridge.
Thankfully it didn't erase anything and all my settings and apps are intact, but I'm still at the same old "q" with the December security patch.
My EU got dec patch to. Its useless to flash other kdz. I expect this week a update with feb patch. LG must provide in each 3months security updates.
Sent from my LM-G710 using XDA Labs
I never once checked for a update on my Sprint version, since I had it.. But it looks like it updated without me even noticing. Feb 1 2019.
Is it just me but are they just focused on their g8 right now lol

VS995 updated to 20d security patch

I just received a security update to my LG V20. Does this mean android 9 is next?
Dbrown53 said:
I just received a security update to my LG V20. Does this mean android 9 is next?
Click to expand...
Click to collapse
Same here. I was shocked to see an update
I've been prompted but have not installed it. Some traffic on android central addressing this but it's weird. Version goes to vs99520d (from 20c) but for someone who installed it, the date did NOT change from 1 Oct 2018. One person was told by LG that this is their patch (Verizon tech support knows nothing about it and it is not on their web site) but I've spent a couple hours on the phone now with VZ and LG tech support and they have not been able to find anything at all related to this patch. Maybe it's perfectly fine but who put it out and what's in it?
androidcentral post is here https://forums.androidcentral.com/l...ity-update-my-verizon-lg-v20.html#post6847295
Did the security software version change. Mine is at version 4 not sure what it was before.
My security software version is MDF v2.0 Release 4 on VS99520c.
thchipmunk said:
My security software version is MDF v2.0 Release 4 on VS99520c.
Click to expand...
Click to collapse
Mine is the same, the android central user was told (by LG) that it was a 'security patch' so he was comparing the date under 'Android security patch level' but maybe it's OK for that date to remain the same. At this point I'm more holding off because of being stubborn but I'll probably install it in the next day or two.
It's official Verizon is now showing it on there software update page for the LG V20.
If you update, can you keep root?
You can use the snoopsnitch app to see what the security patch is run the adnroid security patch tester and send a screenshot
So, just got a VS995 in the mail, unrooted. Which is the better root method:
The dirty Santa - https://forum.xda-developers.com/v20/development/ls997vs995h910-dirtysanta-bootloader-t3519410
Or this flashable zip - https://forum.xda-developers.com/v20/development/vs995-verizon-lg-v20-stock-oreo-rooted-t3845669
baldybill said:
So, just got a VS995 in the mail, unrooted. Which is the better root method:
The dirty Santa - https://forum.xda-developers.com/v20/development/ls997vs995h910-dirtysanta-bootloader-t3519410
Or this flashable zip - https://forum.xda-developers.com/v20/development/vs995-verizon-lg-v20-stock-oreo-rooted-t3845669
Click to expand...
Click to collapse
You need to use Dirty Santa to get unlocked bootloader then you can use zip file to flash oreo with root.
I was going to try to get root on VS99520d now that I have 3 V20's. Verizon is now claiming VS99520c is the latest. Using their software update utility VS99520c is all that is offered now. I do have a copy of what I believe are the OTA update files but God only know what to do with them. Hopefully WiFi calling now works on VS99520c now. This is the only reason I was interested in 20d in the first place.
Edit: I was just being impatient. I got the OTA update after about a half hour. I'm curious what the Verizon Update tool will say about this one "VZW Utility Application - LG"

Can we root Pixel 3 with android 12

Hello Guys,
I Just wanted to know how I root my pixel 3 with android 12 just guide mn or is there already a thread than give me a link but plz for android 12
Rooting Android 12 works exactly the same as Android 11 on the Pixel 3.
Since there were no obvious guides, I just wrote one for the Pixel 3. Here you go.
Thanks for help
Can u tell me is there any twrp for android 12
Not that I know of, at least it doesn't work on my rooted P3 running Android 11
Hmm so how we install custom roms
rocketrazr1999 said:
Not that I know of, at least it doesn't work on my rooted P3 running Android 11
Click to expand...
Click to collapse
Update... Android 12 can be rooted using Magisk Canary
I was able to take an OTA update to Android 12 on my BL unlocked, rooted, custom kerneled Pixel 3! I started the update accidentally by hitting that pop up reminder and after a minute of thinking what to do (i did not want to lose my data!!!), I held down the power button to force it to reboot during the update. I have had this work to stop an OTA update and restore it perfectly to previous state. Anyway, it did NOT work this time, and it updated to A12 perfectly! No loss of data, no loss of custom kernel, but i did of course lose root. Also.... when i checked the update version in settings, it wanted to update AGAIN, from Oct 21 to Feb 22 (which is just an Emergency Dialer patch). My phone still shows Oct 21 security patch in settings, but shows the Feb 22 firmware (...016.C1), which suggests the patch was only a tiny fix to the 911 Dialer and did not affect anything else. So this time i let it update, which i started to think was stuck or looping after waiting about an hour, but finally i checked the progress and it was done, requesting a reboot! So i rebooted it and behold, its now running final security update to the Pixel 3, and all i need to do now is root with Magisk and install SafetyNet Fix. Which is the ONLY thing i can think of as to how it was able to do a factory OTA update while rooted and BL unlocked! The SafetyNet Fix patch may be so good that it bypasses the Google security measure that refuses to allow OTA updates on rooted, unlocked Pixel 3s. Yup, on a GOOGLE PIXEL! I used to have to unroot and install the factory kernel to do an OTA sideload on my old Essential in order to update and not lose data, but i was told that you could not update to new Android versions without losing your data on the P3, so Ii just figured my Sept 21 A11 firmware was the final update until a phone upgrade. Anyway, just wanted to pass on the good news that you CAN perform a factory OTA update from A11 to A12 on the Pixel 3 WHILE rooted and unlocked and with a custom kernel, but I of course have to recommend you do so on your own, and if anyone has an unused or non-daily driver P3 that want to confirm this good news, please do so and help convince the disbelievers ! The ONLY thing i would recommend is that you have the latest "Android 12" version of SafetyNet Fix installed with the switches on in Magisk, which is what i had. Its the only thing i can think of that would allow Google's Safety Net to bypass the security restrictions. OK then, hope a few of you give it a try to show im not a nutcase, lol.
Question kind of related to this... Was the P3 kernel updated in Android 12 to fix that race condition that causes freezes if using systemless hosts? With A11 I always had to make sure I installed a custom kernel before Magisk and enabling systemless hosts to keep my P3 from freezing.

Question Security updates

The last security update I see is June 1, 2022, which is to install Android 13, which I don't really want. Since there is a a new wifi calling exploit found, is there a way to get the security updates without installing A13 or does Goolge have the deck stacked and I'm essentially forced to upgrade? I live in a rural area and without wifi calling, I have no service.
I think your best bet would be to install a security patch via Magisk if you can find one. Also, maybe a kernel would offer what your looking for?
graysky said:
Since there is a a new wifi calling exploit found
Click to expand...
Click to collapse
First of all the exploit was fixed with the latest update a few days ago! The exploit was discovered, fixed and published by Google. That's the usual way a chip manufacturer deals with it and there' no reason why it should be unsecure to use the latest firmware. BTW: No device was attacked.
Security patch level June '22? You want the latest patch level without installing the corresponding firmware? For what purpose? A new security patch = updated firmware and without an updated firmware you don't have any patches. That's it.
Edit: Some background information. Your installed patch level is set in your boot.img. In theory you'll need a patched boot.img with another patch level (unlocked bootloader required => all data gets wiped!). But your device isn't then more secure than before!!
So it's clear in my head, the OS is firmware and the latest security patches rely on the latest OS to function, correct?
graysky said:
So it's clear in my head, the OS is firmware and the latest security patches rely on the latest OS to function, correct?
Click to expand...
Click to collapse
yes
WoKoschekk said:
yes
Click to expand...
Click to collapse
Thanks!
Interesting. I installed all the available updates and the is no March update, which I thought was needed to fix the exploit. The most recent update is from Feb 5, 2023. This is a 6A phone.

Categories

Resources