Another security flaw is found to affect Android OS and it’s potentially very serious. When opening a compromised PNG image file, a hidden malicious code could be executed, which may harm your data and device. It’s hard to avoid these booby-trapped images, because they may be very interesting. PNG files can be sent through instant messaging, text messages or email. PNG is a fairly popular image format, although not as popular as JPG.
The bug may affect smartphones with Android 7.0 Nougat through Android 9.0 Pie. Google describes this flaw as a remote attack using a crafted PNG file that can execute arbitrary codes. Of course, Google doesn’t further elaborate on how the bug work, but it appears that the security flaw isn’t exploited yet. The fix has been released, but it’s not available widely. Google already rolls out a fix for this bug this month. Other than fixing the PNG image bug, the update also resolved 41 other vulnerabilities and issues with different security levels. The fix isn’t available for every Android smartphone, because the fix is delivered only to Pixel smartphone and tablet series, along with the Essential Phone.
If you have smartphones made by Samsung, Xiaomi or LG; you will need to wait until the update is pushed out to your device. Actually, we could expect that many Android smartphone models will never receive the update due to various reasons. Because the security glitch is already publicly known, hackers could be exploiting it right now.
Also, we can guarantee that millions of Android smartphone owners are still not aware of this problem. To reduce risks, you should refrain from transferring PNG file into your device and view it. This is especially true if you get the PNG files from unknown individuals. Having reliable security software in your device may not guarantee your safety.
If you want to manually check whether there’s a security update available for your device, go to Settings and tap About Phone or About Tablet, depending on the type of your device. Tap Software Update and you will be given to download the update right now or later if an update is available.