If you use a MediaTek-powered device, you should update your security level ASAP

The last time we talked about the security firm Check Point Research, it was about how cryptocurrency scammers were using Google Ads to target their victims. This time, Check Point are back with more worrying findings, but regarding vulnerabilities in MediaTek’s mobile system-on-chips.

You can check out their full post on the specifics of how they did it, but in short most new MediaTek processors have a special AI processing unit (APU) and an audio digital signal processor (DSP) that use a custom Tensilica Xtensa microprocessor architecture. The folks over at Check Point Research though used a rooted Redmi Note 9 with a MediaTek Dimensity 800U in it and found that it was possible to bypass the security features in place. By carrying out what’s known as a local privilege escalation attack via an app, Check Point Research managed to access the data that went through the APU and DSP. In short, this meant that you could eavesdrop on the device owner.

The good news though is that the hack was never spotted in the wild. Instead, Check Point Research had to reverse engineer the Android API responsible for communication with the audio processor and the firmware on the DSP before being able to take advantage of the vulnerabilities in MediaTek’s code. Once their app got through, it was able to get system-level permissions it would even be able to hide malicious code into the DSP chip itself. It’s likely that all of MediaTek’s chips with the Tensilica APU platform were affected, though neither Check Point nor MediaTek gave a list of affected processors. Curiously, some of Huawei’s Kirin processors also have Tensilica code in it, but there’s also no word if those could be affected.

The even better news though is that the researchers at Check Point claim MediaTek is aware of the vulnerabilities, and have since patched them out too in their October security level patch. This means that if you’re currently using a smartphone with a MediaTek processor in it, you should check for updates and download the latest available Android security patch level. If you see that it’s one from October or later, then it should be safe.

With MediaTek processors now in over 40% of smartphones across the world, it’s perhaps good to know that the Taiwanese company took Check Point Research’s findings seriously and patched out the potential loopholes in their chips before any serious issues cropped up.

[ SOURCE ]

Recent Posts

Denza Z9 GT now in Malaysia for RM359k: Luxury sports EV with 600km of range

Denza Z9 GT is now officially in Malaysia after it was first demonstrated here over…

9 hours ago

Huawei MatePad Air 2026 with 144Hz PaperMatte OLED screen, six speakers previewed in Malaysia: Here’s what we know

Aside from launching the Huawei Pura 90s series, Huawei Malaysia also unveiled the MatePad Air…

13 hours ago

Gentari drops DC fast charging prices at select locations across Peninsular Malaysia

Gentari has announced a price cut for selected DC chargers across Peninsular Malaysia. EV owners…

15 hours ago

Gentari’s Ayer Hitam EV Charging Hub now upgraded with 7 DC Charge Points

Petronas Bandar Baru Ayer Hitam is one of the most popular EV charging hubs for…

23 hours ago

Proton Saga Cross AMA02 spotted undergoing testing at Federal Highway

We spotted a camouflaged car at Federal Highway earlier today that might be the new…

1 day ago

Huawei Pura 90s series arrives in Malaysia from RM3,699. Pro Max version gets a 200MP telephoto camera

Huawei has officially launched the Pura 90s series in Malaysia, its latest flagship camera phones…

2 days ago

This website uses cookies.