Saturday, 07 November 2015 18:01
Google has highlighted 11 security flaws in Samsung’s flagship Android handset, the Galaxy S6 Edge. It can allow hackers to take over the device and steal personal data.
As Google’s Project Zero team itself noted, Android’s licensees are an important area for Android security research, as they introduce additional (and possibly vulnerable) code into Android devices at all privilege levels, and they decide the frequency of the security updates that they provide for their devices to carriers.
In a blog post, Natalie Silvanovich from Project Zero wrote, “The majority of Android devices are not made by Google, but by external companies known as Original Equipment Manufacturers or OEMs which use the Android Open-Source Project (AOSP)”.
According to Dailymail report, the full details about each of the vulnerabilities are listed on the Project Zero blog post, but they include flaws in the way images are handled, problems with a number of drivers and the ability for JavaScript to be added to emails.
Google’s Project Zero carried out the investigation to highlight the flaws, but also to discover how quickly Samsung would resolve the problem. Most of the issues were fixed after Google notified Samsung, but some have yet to be addressed.
