Every Android Phone is hackable with an image

Alfred Osborne
February 10, 2019

We review products independently, but we may earn affiliate commissions from buying links on this page.

Opening a single image in PNG format may be enough for your Android phone to be compromised by hackers, and that's regardless of how tech-savvy you might be.

Craig Young, computer security researcher for Tripwire Inc.'s Vulnerability and Exposure Research Team, told SiliconANGLE that it appears that the vulnerability is directly related to how Android parses, that is interprets, an image before rendering it. Well, the good part of Android security bulletin is that Google has not received any reports of anyone exploiting the vulnerability as of now and has patched the issues with an upgrade to Android in the form of a security patch.

"The most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process", it warned.

Classic Baldur's Gate video games are coming to Xbox One OnMSFT.com
Skybound Games has announced enhanced editions of classic Dungeons & Dragons RPGS from Beamdog will be released on consoles. What's more, Skybound Games says that we'll be hearing much more about the enhancements in the coming months.

India vs New Zealand, 3rd T20I in Hamilton
For New Zealand , Blair Tickner has been given his maiden national cap and he replaces rested Lockie Ferguson in the line-up. With 4 needed off the last ball, Mithali Raj was unable to get more than a single as India lost the match by 2 runs.

M&S Is Selling A "Love Sausage" For Valentine's Day
It's not just an ordinary sausage though, M&S are releasing a heart-shaped one for the occasion. Although it sounds very tasty, shoppers have been poking fun at the name of the product.

This isn't the first time when PNG files are flagged as risky because they can be rigged easily.

It serves as the graphics engine for Google Chrome and Chrome OS, Android, Mozilla Firefox and Firefox OS, although it's not now known if other platforms may be exposed to the vulnerability as well. However, given the ease in which the bug can be exploited, users should accept incoming updates to their Android builds as soon as possible. The update brings fixes to a number of known vulnerabilities in Android operating system including some that have been categorized as critical.

However, several third-party smartphone makers take weeks or months to roll out security patches to their phones.

In effect, this means that Android users, those who are not using Google-branded devices, may have to wait months to receive a security update and that's presuming they receive one at all. So it will not be easy for anybody to find the hacking method.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER