LG fixes vulnerability that affected millions of G3 devices
LG has fixed a vulnerability in its G3 smartphone that researchers said could potentially allow an attacker to remotely steal sensitive data saved on the device's SD Card. An estimated 10 million G3 units are said to be vulnerable.
The vulnerability is in an app called Smart Notice, which comes pre-installed on new LG G3 devices, and can be thought of as a scaled down version of Google Now, delivering you relevant information before you need it.
The problem is that the app doesn't validate the data it handles, potentially allowing attackers to execute malicious code by manipulating the information it ferries to the user.
"Using the vulnerability, an attacker can easily open the user device to data theft attack, extracting private information saved on the SD Card including WhatsApp data and private images; put the user in danger of phishing attack by misleading the end-user; and enable the installation of a malicious program on the device," researchers revealed in a blog post.
"We informed LG, which responded quickly to notice of the vulnerability and we encourage users to immediately upgrade their application to new Smart Notice release, which contains a patch."
Related
Reader comments
- AnonD-417519
- 03 Feb 2016
- fsg
i recieved an update for this app yesterday , but there isn't any change in its interface or features
- emad
- 31 Jan 2016
- NkC
been there ,, nothing found yet
- Taz
- 31 Jan 2016
- X}3
You will love it when you will switch.. G3 looks great in lollipop.. and performance is way way better.. i was a kitkat g3 user.
Huawei
Samsung
Samsung
Apple
Xiaomi
