The last time we talked about the security firm Check Point Research, it was about how cryptocurrency scammers were using Google Ads to target their victims. This time, Check Point are back with more worrying findings, but regarding vulnerabilities in MediaTek’s mobile system-on-chips.
You can check out their full post on the specifics of how they did it, but in short most new MediaTek processors have a special AI processing unit (APU) and an audio digital signal processor (DSP) that use a custom Tensilica Xtensa microprocessor architecture. The folks over at Check Point Research though used a rooted Redmi Note 9 with a MediaTek Dimensity 800U in it and found that it was possible to bypass the security features in place. By carrying out what’s known as a local privilege escalation attack via an app, Check Point Research managed to access the data that went through the APU and DSP. In short, this meant that you could eavesdrop on the device owner.
The good news though is that the hack was never spotted in the wild. Instead, Check Point Research had to reverse engineer the Android API responsible for communication with the audio processor and the firmware on the DSP before being able to take advantage of the vulnerabilities in MediaTek’s code. Once their app got through, it was able to get system-level permissions it would even be able to hide malicious code into the DSP chip itself. It’s likely that all of MediaTek’s chips with the Tensilica APU platform were affected, though neither Check Point nor MediaTek gave a list of affected processors. Curiously, some of Huawei’s Kirin processors also have Tensilica code in it, but there’s also no word if those could be affected.
The even better news though is that the researchers at Check Point claim MediaTek is aware of the vulnerabilities, and have since patched them out too in their October security level patch. This means that if you’re currently using a smartphone with a MediaTek processor in it, you should check for updates and download the latest available Android security patch level. If you see that it’s one from October or later, then it should be safe.
With MediaTek processors now in over 40% of smartphones across the world, it’s perhaps good to know that the Taiwanese company took Check Point Research’s findings seriously and patched out the potential loopholes in their chips before any serious issues cropped up.
[ SOURCE ]
JomCharge x DBKL street-level EV charger deployment continues and the latest location is in Sri…
This post is brought to you by Nissan. For many Malaysian families, the idea of…
Besides deploying more DC Chargers in Penang Island in partnership with MBPP, Gentari has just…
BMW has officially revealed the updated 7th generation BMW 7 Series (G70), and this isn’t…
Aside from the big boss Find X9 Ultra, Oppo Malaysia has also introduced another member…
The Honor 600 and Honor 600 Pro have finally made their launch in Malaysia, making…
This website uses cookies.