Google has taken a step toward securing its Nexus 6 and Nexus 6P smartphones by shutting down a high severity exploit and in turn fixing modem vulnerability.
The Nexus 6 and Nexus 6P are manufactured by Motorola and Huawei, respectively. The two Nexus smartphones allowed attackers to have easy access to the USB, thereby taking over the on-board modem when the device is booted up.
Earlier, in one of our reports on the January Security Patch, we revealed facts about the significant monthly security update that Google pushes out to ensure better performance of Android-powered devices.
The sole reason behind this monthly update is to curb any flaws that make smartphones vulnerable. This immediate fix definitely helps the company maintain its reputation, as well as its customers satisfied.
Google Patch: Software Update
According to reports, Google's Nexus 6P and Nexus 6 allowed hackers to take over the modem, which would let them access all the device data. The security researchers have taken measures according to which they have quietly patched the modem vulnerability and blocked any such hacking attempts.
Security has always been a pressing issue that concerns users. With USB access, hackers could easily listen to phone calls or intercept mobile data packets.
Reports suggest that attackers used virus-infected computers and malicious power providers that would offer them easy access to the hidden USB interfaces. This sort of vulnerability would have jeopardized the company's reputation in the market, so getting an immediate fix was crucial.
Nexus 6 And Nexus 6P USB Vulnerability Patch
The initial exploit - discovered by the IBM X-Force team - was a flaw in the boot mode of the Nexus line of phones. The smartphones with Android Debug Bridge enables app developers to load APKs. The whole purpose of having the ADB was to download the apps without much hassle.
The most interesting fact that the researchers divulged was that the hackers could activate the USB even if it was set as disabled in the settings. Once successful in their attempts, the hackers could steal information like the IMEI number from the phones, place calls, and also track GPS coordinates. In the EFS partition they could even change the items.
The best part about Google's endeavor to launch its modem patch is that it had fortunately come up with the solution even before the users faced any such untoward incident. The modem patch basically curbed the hackers from creating any menace.
Google released these patches even before the public got to know of any of these exploits. The Nexus 6 got patched in November 2016, whereas the Nexus 6P got upgraded earlier this month.