Two-thirds of smartphones sold in 2021 have a flaw in their chips that could allow a hacker to eavesdrop on your phone.
The security experts Check Point said that chips manufactured by MediaTek and Qualcomm use an open-source version of Apple Lossless Audio Codec (ALAC) that’s vulnerable to attack.
The Codec was developed by Apple, but they made an open-source version available in 2011 and it is used in millions of devices. Apple made security updates to their proprietary version of the software, but the vulnerable open-source version was still in use by the two largest phone chip manufacturers in the world.
According to the experts at Check Point hackers could gain control of the device with a malicious audio file and gain control over your multimedia files. They could even stream from your camera.
After Check Point discovered the flaw, they contacted the chipmakers, and the companies issued security patches to fix the flaw.
Is it 2021 or 2011? There’s a typo in one place or the other. And since chip manufacturers have issued security updates to resolve the flaw, would that not be included in the regular security updates sent to devices?