Once upon a time only Intelligence agencies had the control over Android devices remotely accessed from anywhere in the world but now anyone can take full root access just by sending you an image file on your smartphone.
Yes, you heard it right, Every Android Smartphone can be hacked easily by just by a downloaded image file, three newly-discovered critical vulnerabilities that affect millions of devices running a recent version of Google’s mobile Operating system ranging from Android 7.0 to the latest Android 9.0 Pie.
according to The Hackers News published an article about android devices can be hacked with an image, recieved via email or downloaded from a web.
The vulnerabilities, identified as CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988, have been patched in Android Open Source Project (AOSP) by Google as part of its February Android Security Updates.
Google engineers have not revealed any technical aspect of the vulnerabilities so far, the updates mention fixing ‘heap buffer overflow flaw’, “errors in SkPngCodec”.
Google says, “the most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process.”
A remote attacker can easily exploit this vulnerability just by tricking users into openly maliciously crafted PNG image file on their Android devices sent through a mobile message service such as Whatsapp or an email.
Google stressed that it has no reports of active exploitation or in wild abuse of any of the vulnerabilities listed in its February security bulletin.
Beware! Do not download images from anonymous sites or open anonymous emails.