An elevation of privilege vulnerability (CVE-2017-0752) in the Android framework has been fixed in the September 2017 Android security bulletin. Any Android phone running a version older than Oreo (8.0) is going to require patching ASAP, the vulnerability exploits the “Toast” notifications in the operating system to change what users see on the screen (overlay attack), simply it allows a malware to obtain admin rights on targeted phones and take complete control of them.
The new high- severity vulnerability has been discovered by Palo Alto security researchers.
According to Palo Alto:
“This type of attack can be used to give malicious software total control over the device. In a worst-case attack scenario, this vulnerability could be used to render the phone unusable or to install any kind of malware including (but not limited to) ransomware or information stealers,”
Android toast messages are quick-lived pop-up notifications that appear on a mobile’s screen. Google defines them as “a (notification) message you display to the user outside of your app’s normal UI.”
The attack runs likewise to other overlay vulnerabilities, attackers can draw a window over other windows and apps running on the device. They can fool the victim into thinking they are clicking on a window, but in fact, they are clicking on another malicious window, where malware is installed or unwanted permissions (such as full privileges) are granted.
