11 security flaws in Samsung Galaxy S6 Edge

Google has been running Project Zero for some time now, with the mission of seeking out bugs in software, notifying the software makers and then notifying the public should nothing be fixed in an effort to force something to be done. Previously, Google has taken on Windows and OS X with Project Zero bugs but this time it is Samsung in the firing line for 11 serious flaws with the Galaxy S6 Edge.
Google describes the issues with Samsung’s device as “high-impact”, meaning they are quite serious indeed. Flaws include script injections, driver issues, image parsing issues, permissions weaknesses and a directory traversal bug, which allows a file to be written in unexpected locations.
Google’s Project Zero blog post goes in-depth on to each of the 11 security flaws found within the Galaxy S6 Edge. As of right now, most of them are actually fixed, but three tricky ones remain, including the script injection bug and two specific image parsing errors: “The majority of these issues were fixed on the device we tested via an OTA update within 90 days, though three lower-severity issues remain unfixed. It is promising that the highest severity issues were fixed and updated on-device in a reasonable time frame.”
This was all part of an internal contest between two of Google’s Project Zero security teams. They chose the Galaxy S6 Edge as it is a decent example of a high-profile, recently released Android smartphone.
Share on Google Plus

About Yomal Malinda

    Blogger Comment
    Facebook Comment


Post a Comment

We value your comments... Whether it is Good or Bad they are the only thing which we can get from you guys...! :) :) Please be kind enough to stop by and comment something about this post....!

Powered by Blogger.