Last Updated: 24th July, 2022
Google as of late started the roll-out of the February 2019 Android security updates that tends to a sum of 42 issues and fixes vulnerabilities of various severity levels. Be that as it may, on the off chance that you think these are only a normal security updates, you should need to reevaluate.
One of the vulnerabilities settled by Google could enable a hacker to seed malware by simply sending a photograph in PNG (Portable Network Graphics) format or commonly known as Critical PNG Security Bug. What’s more, when users open the picture, it triggers the exploitation and enables terrible bad guys to remotely execute arbitrary code and unleash destruction.
This is the manner by which Google portrays it, saying in its February Android 2019 security fix takes note of, “The most serious of these issues is a basic security vulnerability in the framework that could permit a remote attacker utilizing a specially made PNG file to execute arbitrary code inside the setting of a privileged procedure.” But in spite of Google having distinguished and settled the issue, there is little reprieve for the billions of Android smart phone users out there.
Why? All things considered, the February 2019 Android security updates have just been released for the Pixel cell phones, the Pixel C tablet, and the Essential Phone. Obviously, the quantity of Pixel gadgets out there is apparently nothing contrasted with the a great many Android smart phones from different brands.
To additionally disturb the issue, a greater part of in danger users have not been informed about when their Android smart phone will get the February 2019 Android security updates and protect them.
All in all, what should be possible in this situation? The best arrangement is to DO NOT open a picture, explicitly a PNG document got by means of a doubtful email, SMS, or on a messaging app. The attention here is on a PNG document, in light of the fact that the basic helplessness can be abused by means of a specially created PNG file to execute arbitrary code inside the setting of a privileged procedure.
To just put it, opening the contaminated PNG files will initiate the exploitation and could open the conduits for downloading malware on the gadgets or devices.
The basic vulnerability has been seen in three structures (CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988) and influences Android smart phones running Android 7.0 or a higher builds going as far as possible up to Android Pie.
Google guarantees that up until this point, no incidents of awful guys misusing the critical security bug have been accounted for up until this point. Besides, Google has just advised all Android accomplices about the security bug one month before distributing subtleties of the vulnerabilities and has likewise released the code patches to the Android Open Source Project (AOSP) repository.
While Pixel users have gotten an update to fix the basic vulnerability, other smart phone manufactures are yet to release an update to address the issue on their contributions. Until that occurs, we encourage you to shun opening PNG files got from obscure individuals and download the security updates when it ends up accessible.