Google says some Samsung smartphones targeted with zero-day vulnerabilities, issues fixed

Google says that a commercial surveillance vendor was exploiting three zero-day security vulnerabilities in a few Samsung smartphones. The issues, discovered in Samsung’s custom-built software, have now been patched.

As per a blog post by Google Project Zero security researcher Maddie Stone, these vulnerabilities were used as part of an exploit chain to target Samsung smartphones running Android OS. These loopholes allowed the attacker to gain read/ write privileges, essentially to gain access to the phone’s data.

“The first vulnerability in this chain, the arbitrary file read and write, was the foundation of this chain, used four different times and used at least once in each step,” Stone said.