Google finds severe holes in Galaxy S6 Edge, some remotely exploitable
- 8 years ago
Google's team of elite hackers at Project Zero has discovered 11 "high-impact" security flaws in Samsung's Galaxy S6 Edge.
Samsung's flagship device is just the latest target in the group's sights.
As well as having probed several antivirus products and even Android itself, they had previously poked around in Windows and found serious bugs.
The most significant of the 11 bugs affecting the Galaxy S6 Edge was spotted by Project Zero researcher Mark Brand, who in late July told Samsung about a directory traversal bug in the device's WifiHs20UtilityService.
The service scans for a zip file in /sdcard/Download/cred.
zip and unzips it.
What makes it dangerous is that the "file-write vulnerability can be triggered by browsing to a website without any user interaction", Google notes in the Project Zero bug database.
Samsung's flagship device is just the latest target in the group's sights.
As well as having probed several antivirus products and even Android itself, they had previously poked around in Windows and found serious bugs.
The most significant of the 11 bugs affecting the Galaxy S6 Edge was spotted by Project Zero researcher Mark Brand, who in late July told Samsung about a directory traversal bug in the device's WifiHs20UtilityService.
The service scans for a zip file in /sdcard/Download/cred.
zip and unzips it.
What makes it dangerous is that the "file-write vulnerability can be triggered by browsing to a website without any user interaction", Google notes in the Project Zero bug database.