DLC Technology Blog

DLC Technology was founded in 2005 to fill an unmet need in the small business IT market for best-in-class IT solutions and support. With DLC, you benefit from the counsel of technology experts who understand growing businesses.

ALERT: Dangerous Zero-Day Threats Found in Recent Samsung Chipsets

ALERT: Dangerous Zero-Day Threats Found in Recent Samsung Chipsets

Google’s Project Zero team has discovered 18 zero-day vulnerabilities impacting the Samsung Exynos modems—four of which enable remote code execution. Let’s talk about what this issue does, and what needs to be done to minimize risk.

These Threats are Severe and Need to Be Addressed

Without going too far into the weeds, some of these vulnerabilities—which, in addition to mobile devices, were also identified in wearables and vehicles—can be carried out with the attacker only knowing the target’s phone number and can give the attacker access to the device with no need for the target to provide access. In fact, a vulnerable device could be compromised without the target even being made aware.

Samsung’s list of impacted devices includes:

  • Samsung mobile devices, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
  • Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series
  • Google’s Pixel 6 and Pixel 7 series

Plus, any wearables that use the Exynos W920 chipset and vehicles with the Exynos Auto T5123 chipset are also impacted. It is also important to note that this is by no means an exhaustive list.

Patches Aren’t All Available as Of Yet, But There is a Fix

Because this issue impacts devices from so many vendors and manufacturers, patches aren’t necessarily available for everything that is going to be impacted. However, you should disable Wi-Fi calling and Voice-over-LTE to prevent the threat, and update your devices when patches are released.

For most of the common smartphones, like the recent Google Pixel phones and Samsung Galaxy phones, these updates were pushed out in the March security patch. If you own these devices, you need to make sure you apply these updates because not doing so will leave your device extremely vulnerable to attack.

We’re Here to Help You Manage the Complicated IT Businesses Require

Reach out to us for any assistance needed with implementing these fixes, or any of the rest of your IT. Call us at (856) 983-2001 today for help.

How to Get Back Into Your Multi-Factor Authenticat...
A Trustworthy Recovery Strategy Requires a Few Thi...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, 20 May 2024

Captcha Image

We invite you to be a part of the conversation!

Be sure to :
    • interact and respond to our posts via social media
    • drop us a line

Customer Login


BLOG RESOURCES

Social Media

Stay up-to-the-minute with the latest technology news by following DLC Technology Solutions on your favorite social media channels:

CORPORATE INFO