A real PNG in the arse for Android users

Subject: General Tech | February 12, 2019 - 01:29 PM |
Tagged: Android, pie, nougat, Oreo, security

Careful what pictures you open up on your Android device as you may find yourself regretting looking at that meme.  Among the 42 new vulnerabilities listed in Android's newest Security Bulletin is a rather nasty one which could use a special PNG image to execute arbitrary code on your phone.  Currently unpatched, it affects even the newest Android Pie version and once a fix is determined, who knows how long it will take to propagate to your provider and your specific model of phone.  In the mean time surf carefully and take a peek at Slashdot for links to the other vulnerabilities, including 10 other critical ones.

View Full Size

"While this certainly doesn't apply to all images, Google discovered that a maliciously crafted PNG image could be used to hijack a wide variety of Androids -- those running Android Nougat (7.0), Oreo (8.0), and even the latest Android OS Pie (9.0),"

Here is some more Tech News from around the web:

Tech Talk

 

Source: Slashdot

Video News


February 12, 2019 | 03:30 PM - Posted by OMGandWaterIsWetAndEngineersGoToTheHighestBidder (not verified)

Imagine that! A PNG can ruin your day and aren't Web Standards so cute and cuddly, made as they are to placate the ad industry! And oh how ads have made everyone so much safer online from the all that nefariousness that exists as a direct result of the interwebs and ads pushed pushed out there by the billions with those special PNG packages in tow.

Now on to some Tech Talk headlines:

"• Google reportedly poaches Intel, Qualcomm and Nvidia engineers for 'gChips' team @ The Inquirer"

Well oh well itchy! That's Legal in Cali on the left coast of the US of A. So the really big bucks ad daddy has got its headhunters in long black limos on the prowl in Silicon Valley. And Ready at a moment's notice to carry out that pick-up with wine and dine on the Big G's dime for that fine grub mixed with benefits and pay grade chatter with potential CPU/GPU/Other processor engineering talent! And that's including the 5G radio white-coats that are so popular with Apple's headhunters, lately, on their black stretch sedan prowl for those of Triple E 5G kind.

That's just doing the Raja as they now say in that Valley of the Silicon Giants!

February 12, 2019 | 07:23 PM - Posted by chipman (not verified)

The problem is not the PNG standard but Google's implementation through the Skia library.

Yet another library broken by C++ monkeys...

February 12, 2019 | 10:21 PM - Posted by DoubleCPlusPlusGoodQuackTalkerChipmanIsDoingItAgain (not verified)

You're not qualified to comment on web standards, chipman!
You have other things to worry obsessively about like those Bolsheviks in your bathroom!

You had better call the John Birch Pest Control company and they will come by and check to see if those Bolsheviks have siphoned off too much of your bodily fluids!

The ad pushers are always up to nefarious ends and Google is the main nefarious ads do evil enabler via Google's past/ongoing web standards minipulation related history on the interwebs!

Thanks to Google's web standards minipulation PNG now stands for Perennially Nafarious Graphics!

February 13, 2019 | 12:23 PM - Posted by Gunbuster

So basically don't open an email or web page ever again on my old pathetic galaxy s6 edge +... Great

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.