📱 2022-04-05 22:30:14 - Paris/France.
Inkampani yokhuseleko i-Kryptowire ilumkisa ukuba uluhlu olubanzi lwezixhobo ze-Samsung zisesichengeni sesiphene esikhulu sokhuseleko esivumela abahlaseli ukuba balawule isixhobo.
I-Kryptowire yenza i-Mobile Application Security Testing (MAST), isixhobo esihlola ubuthathaka, kunye nemiba yokhuseleko kunye nemfihlo. Ngokutsho kwenkampani, ifumene ubuthathaka (CVE-2022-22292) obunokuvumela umhlaseli ukuba athathe uthotho lwezenzo, kubandakanya ukwenza iifowuni, ukufaka / ukukhupha izicelo, ukwenza buthathaka ukhuseleko lwe-HTTPS ngokufaka izatifikethi ezingangqinisiswanga, ukusebenzisa ii -apps kwi imvelaphi, kunye nokuseta kwakhona imveliso kwisixhobo.
Bona kwakho: Luluphi uhlaziyo lokhuseleko lwe-Android kwaye kutheni lubalulekile?
Ubuthathaka bubonakala buchaphazela phantse zonke ii-smartphones ze-Samsung ezisebenzisa i-Android 9 ukuya kwi-12, enkosi kwi-app efakwe ngaphambili yeFowuni enento "engakhuselekanga." Ekubeni i-app yefowuni isebenza ngamalungelo enkqubo, oku kuvula i-vector yokuhlasela yabadlali ababi. Ii-apps ezinobungozi zinokusebenzisa ukuba sesichengeni kwefowuni "ukulinganisa umsebenzi wenqanaba lenkqubo" kunye nokufikelela kwiifitsha ezinokuthi zikhuselwe.
U-Alex Lisle, i-CTO yaseKryptowire, ichaze iimpembelelo zobuthathaka:
“Ngaba ukhe wacinga ukuba omnye umntu unokufikelela kwifowuni yakho? Ngelishwa, unokuba ulungile. Iiapps eziphathwayo ziba yeyona nto iphambili yomsebenzi wobuqu kunye nobuchwephesha, emele eyona nto inomtsalane kubadlali ababi.
U-Kryptowire waqala wafumanisa ukuba sesichengeni ngoNovemba ka-2021 kwaye wazisa i-Samsung. Inkampani ikhuphe isiqwenga ngoFebruwari 2022. Bonke abasebenzisi be-Samsung bayakhuthazwa ukuba bahlaziye ngokukhawuleza ukugcina iifowuni zabo zikhuselekile.
SOURCE: Uphonononga Iindaba
Ungalibazisi ukwabelana ngenqaku lethu kwiinethiwekhi zentlalo ukusinika ukomelela okuqinileyo. 👓