forum de la Grande Guerre Index du Forum

forum de la Grande Guerre
Le forum de la Guerre 14-18

 FAQFAQ   RechercherRechercher   MembresMembres   GroupesGroupes   S’enregistrerS’enregistrer 
 ProfilProfil   Se connecter pour vérifier ses messages privésSe connecter pour vérifier ses messages privés   ConnexionConnexion 

Samsung Factory Reset Protection

Poster un nouveau sujet   Répondre au sujet    forum de la Grande Guerre Index du Forum -> Les armées en présences -> France
Sujet précédent :: Sujet suivant  
Auteur Message

Hors ligne

Inscrit le: 04 Juin 2018
Messages: 4

MessagePosté le: 11/06/2018 08:49:13    Sujet du message: Samsung Factory Reset Protection Répondre en citant

Two days after Google released the Android Security Bulletin for the month of June, Samsung followed suit and released its own security updates, meant to supplement Google's fixes for Samsung devices.

Back in January, Samsung started its own security bulletin, similar to Google's, but focusing on security bugs specific to its own bastard implementation of the Android OS. This security bulletin, called Security Maintenance Release (SMR), is issued every month, a few days after the official Google Android Security Bulletin.

For this month's changes, the company announced it fixed nine issues, but could only disclose details about five.

Samsung fixes device takeover issue in factory reset process
The most dangerous issue covered a bug that affected Samsung Galaxy devices running Android 5.0 and 5.1 during their factory reset process. Samsung and attackers have known about this issue since the autumn of 2015, when famous root artist RootJunky demonstrated the exploit on YouTube.

Protecting the factory reset process (FRP) is crucial for all phone manufacturers. Attackers with access to a phone can initiate a factory reset, and by bypassing this procedure, they can have access to both the phone and its owner's data.

In this particular case, Samsung says that an attacker could connect the Galaxy device to a USB OTG during the FRP wizard. This action would stop the wizard and bring up a MyFiles window that would have allowed the crook to upload an app, install it and take over the device, bypassing both the FRP and any potential device locks.

Other issues also fixed
Samsung rated this issue, SVE-2015-5068, as a high impact problem and fixed it this month. Additionally, the company also fixed another high severity issue in the signature checking process for app installations.

The company also fixed two medium severity issues, one in the email client that used DES encryption instead of 3DES, and one that allowed attackers to send AT commands via USB connections, even if the device was locked.

Last, but not least, Samsung also fixed a low severity SIM lock bypass issue that affected phones running Android 5.0 or higher.

Samsung has bundled its own security fixes together with Google's core Android patches and has delivered the security patches to its partners. It's now up to ISPs to provide these updates to clients.
Revenir en haut

MessagePosté le: 11/06/2018 08:49:13    Sujet du message: Publicité

PublicitéSupprimer les publicités ?
Revenir en haut
Montrer les messages depuis:   
Poster un nouveau sujet   Répondre au sujet    forum de la Grande Guerre Index du Forum -> Les armées en présences -> France Toutes les heures sont au format GMT + 2 Heures
Page 1 sur 1

Sauter vers:  

Index | Panneau d’administration | créer un forum | Forum gratuit d’entraide | Annuaire des forums gratuits | Signaler une violation | Conditions générales d'utilisation
Powered by phpBB © 2001, 2005 phpBB Group
Traduction par :