A bug has been discovered in MediaTek processors. Among other things, the audio processing components appear to be vulnerable to attacks from outside. This could make it possible for malicious parties to gain access to, for example, audio fragments and in theory also eavesdrop on people. MediaTek reports that it has since solved the problems.
Attack on the audio manager
Check Point Research, a company that researches cyber threat intelligence, among other things, today released an extensive report about the vulnerability in MediaTek’s processors. The company conducted the research on a Xiaomi Redmi Note 9 5G. A device that uses the MediaTek Dimensity 800. The company reports in the message that they were able to reverse-engineer an unauthorized Android application to ‘attack’ the audio manager.
Check Point Research discovered four vulnerabilities in MediaTek’s firmware, software built into the hardware. In principle, these vulnerabilities allowed any app to pass commands to the sound card in the processor. A malicious Android application or app would thus have the opportunity to get into this sound card and thus even have the possibility to eavesdrop on owners of a particular device.
Check Point Research also claims that not only could the vulnerabilities be exploited through malicious applications or apps, it also says that it “finds dangerous audio settings implemented by MediaTek.”
Dissolved
People with a smartphone that has a MediaTek processor probably don’t have to worry. The issue has never been publicly spotted and the issues should have been resolved. MediaTek has already noted and fixed the error in a security patch last October. Coming December, the company will come up with new improvements. The researchers further reported that MediaTek also worked with them to resolve the issues.
Although the problem has been solved, it is always better to be careful when downloading apps. For example, only download apps from Google’s Play Store and check which permissions a specific app wants. This greatly reduces the chance that you will install a malicious app. Check Point also gives the following tips:
- Do not root your smartphone: do not try to access the ‘root’ of your smartphone with the administrator account.
- Update your smartphone: install the latest version and check regularly for updates.
- Install an antivirus: Get an antivirus that can protect you against external maliciousness.
– Thanks for information from Androidworld. Source