Keeping your device up-to-date has become an important part of owning a connected product. Not only do updates provide the latest in terms of features, but can also offer the user a more secure experience. LG has now issued an update for those using a G3 that will patch a vulnerability that was discovered last week.
Researchers at Cynet and BugSec discovered a fairly severe vulnerability in the 'Smart Notice' app that is installed by default in G3 devices. The 'SNAP' vulnerability allows "an attacker to run arbitrary JavaScript code on the devices" that can "easily lead to authentic phishing attacks and to a full denial of service (DOS) on the device". In essence, if data is being funneled to the 'Smart Notice' unchecked, a malicious notification can be passed, and when checked will allow malicious code to be executed.
As previously mentioned, LG has already issued a patch for the vulnerability that affects millions of G3's. So if you have not done so yet, be sure to update your LG G3 immediately. LG has also started rolling out an update that brings its handset to the latest version of Android 6.0, Marshmallow.
Source: Cynet via Ars Technica
7 Comments - Add comment