MY BRAND BOOK Samsung clears the bug from its smartphones since 2014

Samsung clears the bug from its smartphones since 2014

By MYBRANDBOOK

Samsung has released a security patch this week that brings a critical fix for its devices. The security flaw was first brought to light by a security researcher with Google’s Project Zero team. The flaw resides in how Samsung’s version of Android OS handles the custom Qmage image format (.qmg). Samsung started supporting this custom image format on all devices released since late 2014.

Mateusz Jurczyk, a Security Researcher with Google’s Project Zero team, discovered a way to exploit the vulnerability. The vulnerability exploits how Skia (the Android graphics library) handles Qmage images sent to a device.

Jurczyk says the Qmage bug can be exploited without user interaction leading to a zero-click scenario. This happens because Android redirects all images sent to a device to the Skia library for processing without a user’s knowledge. Samsung fixes a critical bug

According to the report, the researcher developed a proof-of-concept demo exploiting the bug against the Samsung Messages app. The app included on all Samsung devices, is responsible for handling SMS and MMS messages.

Jurczyk further notes that once the Skia library is located in memory, a last MMS delivers the actual Qmage payload. It then executes the attacker’s code on a device.

The researcher also notes that the attack usually needs between 50 and 300 MMS messages to probe and bypass the ASLR. In other words, it will take around 100 minutes to execute the attack. While it might look noisy and time consuming, the researcher adds that it can be done without alerting the user.

BREAKING NEWS

Elon Musk Merges X with xAI in $33 Billion Stock Deal...

Elon Musk has made waves once again by merging X (formerly Twitter) with...

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu...

The scheme aims to attract an investment of INR 59,350 Cr, resulting in pro...

Govt Drops Import Duty making EV Batteries cheaper...

The Centre is taking measures to counter the impact of US President Donald ...

CERT-In’s New Advisory Unveils Hidden Cyber Threats...

The advisory highlights critical vulnerabilities in AI models, outlines mul...

TECHNO TRENDS

Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

The outcome of the legal dispute between X Corp and the Indian government c...

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

The agreement, executed through Wipro and its 100% subsidiary,...

Centre announces that DPDP Rules nearing Finalisation by April

The government seeks to refine the rules for robust data protection, ensuri...

Home Ministry cracks down on PoS agents in digital arrest scam

Digital arrest scams are a growing cybercrime where victims are coerced or ...

E-Magazine

TECHNOTAINMENT

For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

Hrithik Roshan to endorse RuPay as Brand Ambassador

RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha

India Today Group launches – AI Pop Stars

Staying true to our industry leadership position in using cutting-edge tech

MOVERS & SHAKERS

Cloudflare Promotes Goran Risticevic as VP & MD for APAC

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE

Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s

OPEN YOUR EYES

Technology has made organizations more dependent by using facial recognition

Urgency In Refuelling Digital Transformation For Customizing Needs

Contact-less Technology to Bring Revolution In This Pandemic Era

Big Data and Cyber Security Brings Newer Challenges for WFH

Rising Uncertainty On The Start-ups At The Verge Of Collapse

INTERVIEWS

Alpha Max offers high end solutions in the network space to en

Cisco building a trusted and resilient future for the nation

Security is foundational to everything Cisco does and customers insist on e

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando stands out in the DPU (Data Processing Unit) market with its u

HOT PICK

ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

MSI Announces the availability of RTX 50 series of laptops in

MSI, the innovative computing manufacturer in gaming, creator

Nothing Phone (3a) goes on sale today, starting at Rs 19,999

The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t

MAKE IN INDIA BRANDS

AMARA RAJA POWER SYSTEMS LTD.

TP-LINK INDIA PVT. LTD.

GLOBUS INFOCOM LTD.

TECHROUTES NETWORK PRIVATE LIMITED

EMINENT CIO'S OF INDIA

AI SYSTEMS ARE ENABLING A SEISMIC SHIFT IN THE WORLD OF CYBERSECURITY

AI’s analytical prowess enables it to analyze an...

STRATEGIC FRAMEWORK FOR SUSTAINABLE BUSINESS EXPANSION IS PATHWAY TO PROSPERITY

Accelerate the adoption of AI and machine learning...

GAINING CUSTOMERS’ TRUST IS ESSENTIAL FOR SMOOTH OMNICHANNEL INTERACTIONS

In the fiscal year 2024-25, our organization has i...

ICONS OF INDIA

Icons Of India : B.V.R. Subrahmanyam

A 1987 batch (Chhattisgarh cadre) Indian Administrative Service Office...

ICONS OF INDIA : S KRISHNAN

S Krishnan as the secretary for the electronics and information techno...

Icons Of India : MUKESH D. AMBANI

Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...

PARTNER SPEAKERS

Innovation and Adaptability help to stay relevant

Utilizing data analytics tools, companies can track various metrics such as we...

Driving digital india with Niveshan Technologies – A Trusted “Saathi”

With a wide array of IT services, from Datacenter Services to Business Continu...

Enhanced Skills & Expertise helping to better serve customers and stay ahead of the curve

Feedback Forms: Conducting surveys and collecting feedback from customers is a...

PSU

NPCI - National Payments Corporation of India

NPCI is an umbrella organization for operating retail payments and set...

LIC - Life Insurance Corporation of India

LIC is the largest state-owned life insurance company in India...

IOCL - Indian Oil Corporation Ltd.

IOCL is India’s largest oil refining and marketing company ...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024: GOOGLE

Google has a long history of technological innovation across various domains, ...

Most Trusted Brands 2024 : Samsung Electronics Co. Ltd.

Samsung invests heavily in marketing campaigns to promote...

Most Trusted Brands 2024 : Adobe Inc.

Adobe Creative Cloud is a comprehensive suite of desktop and mobile apps for d...

Global Indian industry

Indian Tech Talent Excelling The Tech World - Rajiv Ramaswami, President & CEO, Nutanix Technologies

Rajiv Ramaswami, President and CEO of Nutanix, brings over 30 years of...

Indian Tech Talent Excelling The Tech World - George Kurian, CEO, Netapp

George Kurian, the CEO of global data storage and management services ...

Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated

Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...

ITFORUM 2025

STARNITE AWARDS 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY