Your Android Phone Could Get Hacked Just By Opening A PNG Image

Hackers can hack an Android smartphone just by looking at a PNG image

We review products independently, but we may earn affiliate commissions from buying links on this page. Well, Google has uncovered a brand new security vulnerability that can be employed to hack Android smartphones using a PNG file.

The Android Security Bulletin for February lists 42 vulnerabilities in the Google mobile operating system, 11 of which are critical.

What's the harm in opening a digital image? The focus here is on a PNG file, because the critical vulnerability can be exploited via a specially crafted PNG file to execute arbitrary code within the context of a privileged process. The search giant also notes that there are no known incidents of hackers exploiting the bug to affect user devices just yet.

It isn't the first time security research has shown that PNG files can be rigged for unsafe effect.

Once upon a time only Intelligence agencies had the control over Android devices remotely accessed from anywhere in the world but now anyone can take full root access just by sending you an image file on your smartphone. A separate app can then read the image file and decrypt it to launch the hidden computer code inside.

Marks & Spencer 'Love Sausage' launch for Valentine's Day sparks comical reactions
While a third wrote: "Morning, you're really opening yourselves up for real innuendo today with your 'love sausage". Since revealing the new shelf addition on Twitter, M&S customers have been fair impressed with the Love Sausage.

It serves as the graphics engine for Google Chrome and Chrome OS, Android, Mozilla Firefox and Firefox OS, although it's not now known if other platforms may be exposed to the vulnerability as well.

Google has not released technical details of the defect as well. The good news is that Google has patched the problems with an update to Android.

The vulnerability was one of three bugs impacting Android Framework - CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988 - and is the most severe security issue in the February update. So it will not be easy for anybody to find the hacking method.

Although there are no reports of users being actively targeted in the wild via this vulnerability, this could change as the window for individual ecosystem vendors to issue patches can run into several weeks or even months.

Related News:

  • Kanye West’s signature forged in alleged New York Fashion Week scam

    Kanye West’s signature forged in alleged New York Fashion Week scam

    The Blast also reports that an additional $150,000 was wired to Burundi Partlow Consulting, which is a Chicago-based company. He says the Plein and himself agreed on a "t-shirt" shortly after recanting on their "concert" agreement.
    Disappointed with T20 series loss, says Rohit Sharma

    Disappointed with T20 series loss, says Rohit Sharma

    In between these two dismissals, the Kiwis also got the wicket of a settled Rohit Sharma to tilt the odds in their favour. Didn't really focus on trying to do anything different, tried to put pressure back on the bowlers.
    PSG's Cavani doubtful for Man United game

    PSG's Cavani doubtful for Man United game

    There was some good news for PSG as midfielder Marco Verratti returned to the line-up after recovering from an ankle injury. The win over Bordeaux put PSG 13 points clear at the top of Ligue 1, but comes after the toughest spell of their season.
  • Booker deliveries disrupted following Ocado warehouse fire evacuation

    Booker deliveries disrupted following Ocado warehouse fire evacuation

    Although under control, it caused a collapsed roof and damaged all the robots and stock inside, firefighters said. These are the times when we take our hats off to the firefighters (and other experts) who tackle such scenes.
    Manafort continued Ukraine work in 2018, prosecutors say

    Manafort continued Ukraine work in 2018, prosecutors say

    He also was convicted by a jury in August in a separate federal case in Virginia for bank and tax fraud crimes. Mueller got that information from Gates, according to the transcript.
    Fortnite account merging is finally here

    Fortnite account merging is finally here

    The ability to merge your Fortnite accounts to share cosmetics and pool V-Bucks across different platforms is finally possible. The whole process should take about two weeks , after which all items and V-Bucks will be in a unified under one happy roof.
  • Alia Bhatt reacts to Kangana Ranaut calling her

    Alia Bhatt reacts to Kangana Ranaut calling her "Karan Johar’s puppet"

    During an event related to the film, Kangana was asked about lack of support to her during film's promotions. The actor called Kangana a "rockstar".
    UEFA President Sets Out Vision for European Football

    UEFA President Sets Out Vision for European Football

    He immediately promised a dramatic overhaul of European club competitions. Ceferin was elected as UEFA's 7th president in September 2016.
    Scotland braced for 70mph winds from Storm Erik

    Scotland braced for 70mph winds from Storm Erik

    A yellow weather warning has been issued Norfolk this weekend, with gusts of up to 55mph potentially hitting parts of the region. Snow, rain and wind are set to continue to batter the United Kingdom this weekend as Storm Erik rages on through Saturday.
  • The story behind odd phenomenon of ‘ghost apples’

    The story behind odd phenomenon of ‘ghost apples’

    The apples are a variety called Jonagolds, one of Sietsema's favorites, he told CNN, adding, "but we'll call these 'Jonaghosts'". As the apples pruned, Sietsema noticed that the mush drained out the bottom, and the "ghost apples" ice shells were left behind.
    Australian Parliaments computer network targeted by hacker

    Australian Parliaments computer network targeted by hacker

    Just a year ago , the department of parliamentary services was allocated $9 million to set up a cybersecurity operations centre. Earlier this week, the ASD revealed Australian Government agencies suffer a serious cyber attack around once a day on average .
    Recent Match Report - New Zealand vs India 2nd T20I 2019

    Recent Match Report - New Zealand vs India 2nd T20I 2019

    Opener Tim Seifert took the Indian bowlers to cleaners with a 43-ball 84 and visitors must have a plan to contain him on Friday. With his whirlwind fifty, Rohit also became the top run-getter in the format, surpassing Martin Guptill .


Most liked

NJ groom charged with sexually assaulting teen server at reception
Aimers then allegedly began kissing the girl and rubbing her genitals with his fingers over her trousers , the victim told police. The waitress managed to break free and get out of the bathroom and says she's been left "shaken" by the incident.

DUI Suspect Shows Off His Dance Moves During Field Sobriety Test
A breath sample showed Larson had a.28 BAC at the time, deputies say - more than three times the legal limit. He was awoken by deputies but then tried to get out the vehicle while the auto was in drive.

Crackdown 3 Getting Super Short Stress Test Tomorrow
The Crackdown 3 developers surprise its fan by delivering weekly updates and features just before its release. The last title in the franchise, Crackdown 2 , was released for the Xbox 360 in July of 2010.

Finland's income trial boosts happiness, not employment, Europe News & Top Stories
For one year, 2,000 randomly selected unemployed people were given an unconditional monthly basic income of $685 U.S. dollars. The recipients of a basic income had on average 0.5 days more in employment than the control group, Kela said.

Kyrie Irving of Boston Celtics exits with knee sprain
Irving had 14 points in as many minutes before leaving, making his only 3-point attempt and all five free throws. But he told the media "it's not fun" after the Celtics blew a 28-point lead in a loss against the Clippers.

Microsoft cybersecurity expert: Please, stop using Internet Explorer as a web browser
The brand has struggled to shake off the bad reputation of Internet Explorer 6, which was notoriously insecure. Unfortunately, Internet Explorer isn't equipped to handle the modern web.

Demonstrator loses hand during Paris 'yellow vest' clashes with police
The protests have brought hundreds of thousands of people out onto the streets all over France . Such vehicles have been a common sight in Paris since deadly extremist attacks in 2015.

Wells Fargo Customers: Outage Still Blocks Account, Pay Access
Wells apologized multiple times during the outage and said any fees that customers incur because of the outage would be reversed. Customers spoke up on social media Friday, saying mobile banking either was unavailable or their paychecks had yet to show up.

TSA confiscates record number of guns in 2018
But guns were also found in the luggage of an 84-year-old woman, a 10-year-old boy, a pastor, and an airport worker. Airports with higher rates of firearm seizures were generally found in states with less strict gun laws.

Game modes for the Fortnite 'Share the Love' Series have been leaked
As an incentive for players to upgrade their Battle Pass, all players will receive double XP during the weekends in February. It looks like you'll be able to share the love with a partner in the upcoming "Share the Love" series .

China objects to Narendra Modi’s visit to Arunachal Pradesh, India dismisses remark
However, in April 2018, there seemed to be an effort to improve bilateral ties when Modi and Chinese President Xi Jinping met. In addition to providing better connectivity to the region, the airport will also unravel the tourism potential of the state.

Sala family speak of 'infinite sadness' as body recovered
But David Ibbotson, from Crowle, who was lying Sala to the United Kingdom to join Cardiff City, has not been found. Cardiff fans can be heard calling them "sick" as a steward approaches the pair.

Virginia Lieutenant Governor Faces Second Sexual Misconduct Charge
Vanessa Tyson , alleges that he forced her to perform a sexual act at the Democratic National Convention in 2004. And I wanted him to know, unequivocally that I had nothing to do with it".

New Trailer for ‘Anthem’ Reveals Endgame Loot, Challenges, Strongholds, and More
Once you reach Anthem's endgame content, you can grab new gear in a variety of ways - all as challenging as they are rewarding. To start, three extra difficulty modes will be unlocked once you reach pilot level 30, the game's level cap.

Donald Trump Claims 'Presidential Harassment' By Democrats
At least two Democratic staffers working on Schiff's staff also spent time at the National Security Council, and Rep. She is a specialist on China and North Korea who speaks fluent Mandarin, one of the people said.