Comment by ufmace
7 months ago
It's a cool and interesting type of attack, but I really don't care for the breathless clickbait headlines that are sourced to a few security researchers demonstrating an attack in a lab, that has already been patched against and has never been seen in the wild.
Good thing every Android phone gets fresh updates all the time then.
with detailed changelogs!
"Security and Stability Improvements", part 413.
In Android world, there is not such thing as "has been patched". It is always A complex situation with all different OEMs, devices and versions.
The patch was committed about 3 months ago, possibly available to OEMs as binary earlier, but devices are probably just receiving these patches.
I bet at least half of all affected Android devices in the world have not got the patch yet if I am optimistic. It's probably near 80-90%.
> has already been patched against
... has not been (effectively) patched against, as it happens. Maybe in December!