Google
Kusvika parizvino, mishumo yekusagadzikana yepamutemo (Android Security Bulletins) yangoratidza nyaya mumusimboti kodhi inopihwa muAOSP repository, asi haina kurangarira nyaya dzakanangana nekugadziriswa kubva kuOEMs. Kare
Pakati pematambudziko akaonekwa:
- MuDigitime zvishandiso, panzvimbo yekutarisa mamwe mvumo yekuwana iyo OTA yekuvandudza yekuisa sevhisi API
yakashandiswa password yakaomeswa inobvumira anorwisa kuisa chinyararire APK mapakeji uye kuchinja mvumo yekushandisa. - Mune imwe browser inofarirwa nemamwe maOEM
Phoenix password manejayakaitwa muchimiro cheJavaScript kodhi inomhanya muchirevo chepeji rega rega. Saiti inodzorwa neanorwisa inogona kuwana yakazara mukana kune mushandisi password yekuchengetedza, iyo yakavharidzirwa uchishandisa isingavimbike yeDES algorithm uye kiyi yakaoma-coded. - System UI application paMeizu zvishandiso
loaded yekuwedzera kodhi kubva kunetiweki isina encryption uye yekubatanidza verification. Nekutarisa HTTP traffic yemunhu akabatwa, anorwisa anogona kumhanyisa kodhi yake mumamiriro ekushandisa. - Vivo midziyo yaive nayo
itwazve checkUidPermission nzira yePackageManagerService kirasi yekupa dzimwe mvumo kune mamwe maapplication, kunyangwe zvibvumirano izvi zvisina kutaurwa mu manifest file. Mune imwe vhezheni, nzira yacho yakapa chero mvumo kumaapps ane identifier com.google.uid.shared. Mune imwe vhezheni, mazita epasuru akatariswa achipesana nerondedzero yekupa mvumo.
Source: opennet.ru