Are you ready for some news that will make your Android devices quiver in fear? According to recent reports, almost all Android devices with Qualcomm and MediaTek chips are currently at risk of a remote code execution attack due to vulnerabilities in the audio decoders of these chips.
If left unpatched, attackers could exploit these vulnerabilities to gain remote access to your device’s camera and microphone by using a malformed audio file. To make matters worse, an unprivileged Android app could leverage these vulnerabilities to spy on your media data and eavesdrop on your conversations.
But wait, there’s more! Since most Android devices are powered by either Qualcomm or MediaTek chips, the impact of these vulnerabilities is widespread. But thankfully, Check Point Research (CPR) responsibly disclosed their findings to both chipmakers who have since issued fixes.
So, what exactly are these vulnerabilities? They were found in Apple Lossless Audio Codec (ALAC), which is embedded in many non-Apple audio playback devices and programs, including Android smartphones. While Apple has updated the proprietary version of its decoder multiple times, the shared code in the open source version of ALAC has not been patched since 2011.
But there is good news!
Since CPR discovered the vulnerability and informed the chipmakers, who then made a patch to fix the vulnerability all you need to do is make sure your Android Phone is up to date. So here are some things to help you stay safe
- Patching vulnerabilities: Make sure all Android devices with Qualcomm and MediaTek chips are updated with the latest patches from the chipmakers to address the vulnerabilities in their audio decoders. If your not sure, update anyway.
- Implementing an MDM solution: This can help manage and secure company-owned devices, ensuring that all devices are up-to-date with the latest security patches, and enforcing password policies and encryption.
- Personal/Employee education: Educate everyone on the importance of updating your devices regularly and the risks of downloading and opening unfamiliar files or apps.
- Implementing a firewall: This can help monitor and control network traffic to prevent unauthorized access and stop malicious activity.
- Enforcing password policies and two-factor authentication: This can help ensure that all devices are protected with strong passwords and an additional layer of security. i.e. don’t use the same password for everything, make sure your 2FAs are turned on (we know they are annoying but they do keep you safe)
Stay safe out there, and keep your devices updated!