Android and device manufacturers: If you have a Google Pixel smartphone, your phone is safe from a security flaw that could let a PNG file completely destroy your system. Now if your device is any other running Android then your phone is vulnerable.
This of course is a problem for Android.
Google recently released a security update for Pixel devices, which closes a blank space that allowed malicious PNG files to "run arbitrary code with administrator privileges."
In other words, malicious code can run with very high privileges while all you do is open a png file.
Αυτό σημαίνει ότι κάθε PNG που έρχεται στην συσκευή σας, (με ένα email, με μια εφαρμογή ανταλλαγής μηνυμάτων ή ακόμη και μέσω MMS) θα μπορούσε ενδεχομένως να παραβιάσει το σύστημα και να κλέψει ευαίσθητα data, on any non-Pixel phone.
The phones of Samsung, LG, OnePlus and many other manufacturers are still at risk of vulnerability.
The problem is not new. This is something that we have known for a long time, and continues to worry all its users Google software. As long as new vulnerabilities appear, late security updates will always be a very serious problem.
Android "fragmentation" has long been a big problem especially for OS updates. Of course we are not talking about the updates that add news characteristics, but patches that protect your personal data. Whether they are minor or not, these updates should not be ignored by any manufacturer.
Security updates are not as huge as new feature updates. They are released every month by Google, so they are much smaller and easier to install on the system - even for third parties. So while we hear excuses for not installing, it seems to be purely a matter of manufacturers' priorities.
New vulnerabilities will exist constantly, and no one wants to risk his data. However, no one requires the device manufacturer, immediate updates, as soon as they are available from Google.
Vulnerability with PNG is just one example. Every month security loopholes are discovered, and most manufacturers are releasing the updates months later. So your data remains exposed for a much longer period of time.
Here does not seem to be an easy answer for how you can fix things. Perhaps because it does not exist.
Until the manufacturers begin to take your safety and your data more seriously, there is only one answer: buy a different device. Apple and Google have shown that they are interested in user data, so iPhone and Pixel seem to be great choices for those who want and need more security.
It might sound cliche but it's time to vote with it wallet your. Don't buy devices from manufacturers who don't care about your data. It is the only way for them to understand the seriousness of the matter.
