January Android security patch will protect Android users from Spectre vulnerability

January Android security patch will protect Android users from Spectre vulnerability
Google is getting ready to protect Android users from a new exploit dubbed Spectre. The latter can affect processors from Intel, AMD and ARM which means that mobile devices are vulnerable. An affected handset can leak sensitive information including passwords. The good news is that it is not as easy to exploit compared to other vulnerabilities. Since Spectre can infiltrate cloud servers, customer data belonging to corporations could be at risk.

Google has a posting online that explains how these vulnerabilities can affect its products. The company says that exploitation on Android is difficult and limited. The January Android security patch will protect devices running the open source OS. Google also states that Google Search, YouTube, Google Ads products, Maps, Blogger, and the customer data held by Google, are protected. So are Gmail, Calendar, Drive, Docs, and other G Suite services.

Another new exploit called Meltdown is designed to affect only devices powered by Intel processors. It is easier to exploit than Spectre, and can steal secrets buried inside a PC.

If you own an Android device, make sure that you install the January Android security patch as soon as you receive it.

source: Meltdownattack.com, Google via AndroidCentral




Posts: 202; Member since: Dec 08, 2012

Will this come via Play Services update, or users of old Android versions are scr**ed?

3. vincelongman

Posts: 5748; Member since: Feb 10, 2013

Via security patches and app updates Enabling Chrome's Strict site isolation will keep users safe until Chrome 64 is released on January 23 (should also work for other Chromium-based browers too) chrome://flags/#enable-site-per-process Apple's SoCs are Meltdown susceptible Apple hasn't said how far back it goes, probably all their recent custom custom Only ARM's new A75 is Meltdown susceptible ARM's A72, A57 and A15 are susceptible to variant of Meltdown ("variant 3a"), however ARM claim software mitigations are not necessary No comment from Samsung or Qualcomm yet about if their custom cores are susceptible

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.