Generally, if you stay away from malicious sites, and don’t click any strange links that are sent to you, you’re going to keep your computer or phone pretty safe. After all, for an attacker to actually accomplish anything on your device, they need a way in. Well, on some Android phones, just being on the same WiFi network as your attacker can give them everything they need.
A recent vulnerability was found in Android phones using Broadcom WiFi chips. Specifically, anyone on the same network that also used a Broadcom chip could send wireless control packets to affected devices. These packets could be used to corrupt the kernel’s memory and allow the attacker to run code within the kernel itself.
It’s unlikely that you would run into this, unless you’re on a large WiFi network where someone is specifically sitting there trying to find vulnerable devices. The other good news is that Google has now patched this issue with the Broadcom WiFi driver, so if you update your Android device, this shouldn’t be an issue at all.
The company also patched several other vulnerabilities, one for Qualcomm chips that allowed similar kernel access, but only if you had a local app installed with malicious code. Several other minor vulnerabilities were patched as well.
VIA: PC World