Defects in Mediatek chips allow spying on Android smartphones
Malicious apps can, if you have an Android smartphone with a MediaTek chip, and if that device is not up to date, you can intercept your phone conversations without even realizing it. Check Point security researchers have just revealed a series of flaws that will eventually allow arbitrary code to be executed in digital signal processors (DSPs) for MediaTek chips.
The first (CVE-2021-0673) is in the Android MediaTek driver. It is used to raise application privileges and the ability to send IPI (Inter-Processor Interrupt) messages directly to the DSP, which is impossible in normal times.
Three defects in the DSP firmware (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663) have been detected and allow malicious code to be executed within this hardware component.
Also to discover the video:
The good news is that all of these flaws were fixed last October. So just update the phone to be safe. For smartphones that no longer benefit from technical support, on the other hand, there is no solution at the moment. In this case, users are invited to be extra vigilant and not to download suspicious applications and to prefer the Play Store.
Source : Check point
“Incurable web evangelist. Hipster-friendly gamer. Award-winning entrepreneur. Falls down a lot.”