Twitter has patched its app from a vulnerability within Android that could let a malicious app siphon users' private date — including their direct messages — while bypassing system permissions. Every Twitter for Android user was notified about the security hole which affects users on versions 8 Oreo and 9 Pie. Read More
It's been a while since we've covered a new Minecraft patch, but it would appear the launch of the 1.16.0 Nether update is a big one. Four new Nether biomes have been introduced to the game, along with a new block material Netherite, not to mention a few new enemies. There's also new story content, plus you can expect to discover some fresh music as you explore the new areas in the Nether. As you can see, the Nether update brings many welcome changes, and you can jump in right now since Minecraft's latest update is already live on the Play Store. Read More
Mozilla has patched a zero-day exploit in late revisions to Firefox 72 and version 68 of the Android web browser. In a security advisory, the company said that it was made aware of "targeted attacks in the wild abusing this flaw." Read More
Android Q Beta 2 brought with it a lot of new features, though it's not surprising that some stuff is being broken given that it is a beta. Google today announced a patch for Q Beta 2, and factory and OTA images are available for installation right now. OTAs will roll out within the next 24 hours. Read More
The Fortnite mobile beta is still limited to Samsung users and those that have received beta invitations. Since development on the title is a constant, it's no surprise to see a new patch rolling out today. The big news is that this patch brings with it voice chat for Android. You can also expect to find a new capture-the-flag mode called Getaway that will only be available for a limited time. Read More
One week ago, details about widespread vulnerabilities in modern processors became public. One variant, named 'Meltdown,' affected every modern Intel chip. Two other variants, collectively known as 'Spectre,' are known to affect chips from Intel, AMD, and ARM (at the very least). Most Google products are already protected against these threats, but now the company has made it easier to tell which Chromebooks are patched. Read More
Vulnerabilities. There's a new flavor of the week every few days and in this highly connected world, it's tough to keep up, whether it's for users who don't know which of their devices are vulnerable and have/haven't been patched or for companies who are scrambling to fix one bug only to see the next one around the corner.
The BlueBorne vulnerability affected Bluetooth devices and could be exploited by hackers to completely take over a device with Bluetooth just turned on, without pairing with it first. Android patched it in September, but it appears that Amazon Echo and Google Home devices were left vulnerable for a while. Read More
Root users should be universally familiar with Magisk, and yesterday both it and the associated Magisk Manager were updated to v14 and v5.3.0, respectively. There are a ton of changes, but the headlining features from these updates are improvements in Samsung device compatibility, a new beta channel for updates, and the ability to patch boot images without root. That last one is a biggie, as it'll let you install Magisk both without a custom recovery and without already being rooted. Read More
OnePlus is something of a darling among Android power users, shipping phones that can be bootloader unlocked without any special permissions or codes. But security researcher Roee Hay found that the OnePlus 3 (and the revised OnePlus 3T) are rather more open than was probably intended. With two native fastboot commands, Hay found he could install unverified boot images and disable the verified boot feature, all without actually unlocking the bootloader with the familiar user-accessible command. Which is, well, bad: it basically means anyone can run malicious code on the phone without resetting the user's data. Read More
Samsung has been diligent about releasing its security patch bulletin along with Google at the beginning of every month, but this month, it took the lead and published the details before even Google got around to doing so.
The report lists the different Android Security Bulletin patches issued by Google to AOSP, which are quite numerous this month. There are 9 critical patches, 26 high-severity ones, 9 moderate, and no low severity patches. As for Samsung's Vulnerabilities and Exposures, 4 new ones have been patched with this release, but the bulletin keeps two a secret probably as to not compromise any devices that might be unguarded and have not already or will not receive the security update. Read More