top of page
Search

Google launches new security program to make best Android phones way more secure !!

  • Writer: Tech Glass
    Tech Glass
  • Oct 2, 2020
  • 2 min read

The Android Partner Vulnerability Initiative has been launched to manage security issues that are unique to specific device manufacturers.


ree

What you need to know:

  • Google has introduced the Android Partner Vulnerability Initiative.

  • The new program has been designed to provide transparency to users regarding security issues affecting devices from Android partners.

  • A few major security vulnerabilities affecting devices from some OEMs have already been discovered thanks to the new program.

Google today rolled out a new program that has been designed specifically to manage security issues specific to Android OEMs. The new Android Partner Vulnerability Initiative aims will make the best Android phones even more secure by remedying issues that affect device models made by OEMs. Google has various programs that allow security researchers to report any security vulnerabilities. While vulnerabilities in Android code can be reported via the Android Security Rewards Program (ASR), issues in third-party Android apps can be submitted through the Play Security Rewards Program. Until now, however, there was no way to manage issues affecting only specific Android OEMs.

Google says the Android Partner Vulnerability Initiative is aligned to ISO/IEC 29147:2018 Information technology – security techniques – Vulnerability disclosure recommendations and covers issues impacting device code that it doesn't service or maintain itself. The APVI has already helped process quite a few security issues, including credential leaks, generation of unencrypted backups, and execution of code in the kernel. Google found a custom system service in the Android framework in some versions of a third-party pre-installed over-the-air (OTA) update solution, which enabled access to sensitive APIs such as enabling or disabling apps and granting app permissions. The service was found in the code base for many device builds across multiple OEMs. Google has made the OEMs aware of the issue and guided them on how they can remove the affected code. It also found a major security vulnerability in a popular web browser pre-installed on many devices, which could have allowed malicious sites to access the user's saved passwords. You can find more information on these issues and future disclosures here.


Source: AndroidCentral

Comments

Apple iPhone Event under 9 Minutes : iPhone 12, iPhone 12 Pro and iPhone 12 Mini details | TechGlass
08:25
7 Top iOS14 features from Android | TechGlass
03:12
How to get iOS 14 NOW before its official release | TechGlass
02:21
FREE : How to watch YouTube without Ads for FREE | TechGlass
01:18
Top 6 reasons to use Google Meet | TechGlass
02:43
Zoom Video Conferencing : Should you Zoom In or Zoom Out | TechGlass
03:09
Google Smart Debit Card | Leaks | TechGlass
02:27
iPhone SE by Apple, cheapest iPhone ever | TechGlass
00:57
YouTube Shorts, the TikTok Rival from Google
00:25

©2020 by TechGlass. Proudly created with Wix.com

bottom of page