Thu. Apr 2nd, 2020

Google to fix MediaTek-su high-risk security vulnerability in Android security update released this month

3 min read

According to the XDA Developer Forum, Google will release an Android security update this month to fix high-risk vulnerabilities in Android devices based on the MediaTek chip solution.

Google was aware of a high-risk vulnerability in MediaTek ’s chip solution last spring, and chipmaker MediaTek is also working with mobile phone makers to fix it.

However, many Android device manufacturers ignore vulnerabilities and security updates. Currently, only a few Android device vulnerabilities based on the MediaTek chip solution have been fixed.

What is even more worrying is that the details of the vulnerability have been leaked, so many malwares have started to exploit this vulnerability, and successful exploitation of the vulnerability can obtain administrator rights.

This security vulnerability of the MediaTek chip solution is extremely harmful. Malicious developers can use the vulnerability to obtain similar permissions to operate freely without obtaining root permissions.

Because the method of exploitation is very simple, some software in the Google Play Store has started to exploit the vulnerability, and after obtaining permission, it is used to perform advanced malicious operations.

Alleged Play Store apps abusing MediaTek-su. Source: TrendMicro.

For example, an attacker can monitor the inflow and outflow of data from the entire Android device, receive remote server instructions, execute malicious code in the background, or install a Trojan.

It can be said that after obtaining this permission, the attacker can do whatever they want, so both MediaTek and Google pay close attention to this security vulnerability.

However, the biggest criticism of the Android ecosystem is that the update is extremely slow. Many Android devices that have already been launched may take a long time to update or even no longer update.

If a security breach occurs, it will affect the majority of consumers, but even so many manufacturers are reluctant to invest in releasing updates and so on.

For example, this time, MediaTek has already issued a security patch that requires manufacturers to update, but the manufacturers directly ignored the vulnerability and were reluctant to release new versions to the device.

The reason is likely that many of MediaTek’s solutions are low- and mid-range devices, and these manufacturers usually only release updates for flagship devices on a regular basis.

So a year after the vulnerability appeared, not many devices have successfully fixed the vulnerability. Eventually, MediaTek decided to cooperate with Google to let Google integrate security patches.

MediaTek’s cooperation with Google is mainly to provide security patches directly to Google, Google will focus on the March security update for Android for manufacturers to repair.

These manufacturers will definitely bring this security patch for repair if they want to release a new version, but this may only be slightly better than MediaTek’s own repair.

The reason is that many manufacturers are also unwilling to sync Google’s official security updates, which may not be much different from the situation encountered by MediaTek.

Currently, the March security update for Android has not been released. I do n’t know how many MediaTek devices can successfully fix this high-risk vulnerability after Google pushes March Security Update for Android.

Via: XDA