Skip to content

Android Security Bulletin April 2017 makes Firmware look like WTC after 9/11

The April 2017 Android Security Bulletin is out, and makes Android Qualcomm and Broadcom Firmware look like the WTC straight after 9/11. At this rate we have exhausted the four digit CVE counter for 2017 before Pentecost.

We already know MediaServer is a piece of swiss cheese, but this is about CameraBase, Audioserver, SurfaceFlinger,Telephony, Factory Reset (sic!) and Broadcomm, Qualcomm, NVIDIA, HTC and MediaTek Firmware problems as well.

Much of that is available as binary blob only and never has seen a systematic audit, ever. Hence the CVE list. Multiple Critical, plenty of High.

Your phone does get updates and fixes, does it?

Published inHackerterrorcybercyber

5 Comments

  1. Jean-Marc

    Yes, my 3 year old S5 still get’s updates :-)
    But not sure how long anymore…

  2. AndreasLobinger

    My phone, bought in April 2014 doesn’t get updates and fixes. Google Nexus 5.

  3. Eric

    I yearn for free software and open hardware.

  4. eeeeee

    By the way: This is the same firmware issue that iOS 10.3.1 is fixing for Apple devices. Same Broadcom code.

Leave a Reply

Your email address will not be published. Required fields are marked *