LG promised to fix Stagefright and release monthly security updates in august 2015. Did they release update for international devices or you guys are still waiting?
About two weeks ago, I tried Zimperium (security firm which discovered Stagefright) stagefright detector and it reported that all is fixed. I have H815 V10d-EUR-XX.
But since then new vulnerabilities in mp3/mp4 parsing has been discovered, also by Zimperium, it was labeled as stagefright 2.0 by some media although it is unrelated to libstagefright. It is similar in nature that media files are used for exploit.
https://blog.zimperium.com/zimperiu...me-new-vulnerability-processing-mp3mp4-media/
I tried the detector app just now and it reports the new one CVE-2015-6602 is not fixed.
Can confirm H815 V10d EUR fixes all except CVE-2015-6602
I wonder if it's possible to manually patch libutils with root?
I think theres another stagefright issue that doesn't have a CVE number yet. Maybe theyre waiting on that too before pushing an update.
Related
Hi G3-Fans,
does anyone of you (with Stock) has an Android security patch level later than 2016-02-01?
A few months back I heard that LG is releasing a google patch which closes over 100 bugs/issues. So far, the software update does not show anything new (neither OTA nor Support Tool). Is there a way to enforce the patch installation manually?
Many thanks in advance .
My wife has an unlocked N920A note 5 that she uses with Ting. While investigating some unrelated battery issues she was suffering from (a game she played was consuming battery in the background) I noticed her last security patch was listed as Oct 2016. The software update button says she's at the most current, but she doesn't have an AT&T sim in the phone so I don't know if that's actually checking. I tried updating via Samsung's smart connect but that claims her phone is up to date as well. Oct 2016 seems rather old for security patches though; sadly I'm largely in the dark when it comes to flashes/modding phones. I've seen the threads here describing update steps, but the baseband version is listed N920AUCS3CPJ1 which seems to be an even earlier baseband version than any update guide I've found starts with. Is there anyway she can update her phone further, officially or otherwise? Would an AT&T sim possibly help, or is Oct 2016 actually the last security update the N920As received?
Calibrex said:
My wife has an unlocked N920A note 5 that she uses with Ting. While investigating some unrelated battery issues she was suffering from (a game she played was consuming battery in the background) I noticed her last security patch was listed as Oct 2016. The software update button says she's at the most current, but she doesn't have an AT&T sim in the phone so I don't know if that's actually checking. I tried updating via Samsung's smart connect but that claims her phone is up to date as well. Oct 2016 seems rather old for security patches though; sadly I'm largely in the dark when it comes to flashes/modding phones. I've seen the threads here describing update steps, but the baseband version is listed N920AUCS3CPJ1 which seems to be an even earlier baseband version than any update guide I've found starts with. Is there anyway she can update her phone further, officially or otherwise? Would an AT&T sim possibly help, or is Oct 2016 actually the last security update the N920As received?
Click to expand...
Click to collapse
I have the same problem, but the last update on mine is Aug 1, 2017! I just found this site from ATT and the latest update is July 2, 2018?!!
I reinstall smart switch twice but still says I have the latest update?.
Google ( Software update for the Samsung Galaxy Note 5 (N920A) ) and click the first link from att and you will what's the latest update.
You would be the first person around here to have seen a device with an intact PJ1 Bootloader though. Old Post, but do you still have it? All the downloadable versions I ever heard of came with a corupted BL so it won't flash.
Is it possible to upgrade to nougat with a N920AUCS3CPJ1 device running marshmallow?
Just received a new OS update for my H933 on Koodo. It's Sept security update. Brings the ver to H93320g
Any info in the changelog?
bnevets27 said:
Any info in the changelog?
Click to expand...
Click to collapse
Just Security update and bug fixes. No major changes.
bnevets27 said:
Any info in the changelog?
Click to expand...
Click to collapse
There's not going to be any changes until Pie. "B" (at least on US998) did bring a silent notifications fix.
The July security update tries to block our WTF bootloader unlock exploit, but LG feels nothing else needs fixing. So, probably all "Oreo" updates will just be security patches until we get Pie sometime next year.
ChazzMatt said:
There's not going to be any changes until Pie. "B" (at least on US998) did bring a silent notifications fix.
The July security update tries to block our WTF bootloader unlock exploit, but LG feels nothing else needs fixing. So, probably all "Oreo" updates will just be security patches until we get Pie sometime next year.
Click to expand...
Click to collapse
Man, they really watch these threads like a hawk.
Sent from my LG-H932 using XDA Labs
I hope they do, and maybe they learn something, start listening their customers...
As anyone received an update to May's security patch? Even Samsung devices are more up to date, I thought by getting a Pixel this would be guaranteed... It seems there are issues with updates for this phone, I mean, pulling this device from the beta program, for the Android Q and no updates so far, strange...
Would like to see if anyone knows what could be causing this delay.
Yes we all know. June you'll get everything. Probably on the 3rd. It's been announced over and over. Google search for Pixel 3a security update shows this:
https://9to5google.com/2019/05/10/pixel-3a-security-patch-old/
You could have done that yourself in less time it took to post this.
Without waiting until June when they issue patches for this device, the only way to update your security level at this time is by manually flashing the Q beta from the full factory images (you can only do this if your device is bootloader-unlocked).
Otherwise, as the other user stated, updates will start in June, including Q beta OTA enrollment.
Hi and apologies for the newbie question, Im not very techinical but need some help/advice please. I have a Poco F3 bought new not long ago. Its Running :-
MIU Global 14.07.0 (TKHEUXM)
Andoird Version 13 TKQ1.220829.002
Android Security Update 2023-02-01
The issue I have is that lots of my work apps (Outlook, Teams mainly) wont run becuase security at work requires that I am on at least the March Android Security Update. However my phone doesnt see these update. I dont particularly want to have to buy a new phone (work wont pay for one!) as I only bought it recently. Do any of you kind people know of a way that I can update my version of Android or at least get a newer security update installed on my current phone please.
Thanks for reading and your time in advance.
Strange. Why would apps require you to have such recent of a system update? Most Android phones don't get updated quickly.
Are you sure of this? Where did you read that? Ideally please provide some screenshots to see
Edit: It is possible for you to get a newer security patch, but you'll have to unlock your phone's bootloader and flash a Custom OS on it, which will be too much work (and has caveats), just for getting apps to work.
Second and preferred option is to just wait for Xiaomi to release a system update with updated security patch, but I can't tell you how long they'll take
charliev7 said:
Hi and apologies for the newbie question, Im not very techinical but need some help/advice please. I have a Poco F3 bought new not long ago. Its Running :-
MIU Global 14.07.0 (TKHEUXM)
Andoird Version 13 TKQ1.220829.002
Android Security Update 2023-02-01
The issue I have is that lots of my work apps (Outlook, Teams mainly) wont run becuase security at work requires that I am on at least the March Android Security Update. However my phone doesnt see these update. I dont particularly want to have to buy a new phone (work wont pay for one!) as I only bought it recently. Do any of you kind people know of a way that I can update my version of Android or at least get a newer security update installed on my current phone please.
Thanks for reading and your time in advance.
Click to expand...
Click to collapse
I heard xiaomi dropped support for poco f3 so it won't be getting updates anymore (not sure about security updates). If security updates are your main concern, i would suggest buying an iphone instead as its updates are pushed on every model no matter how old it is. Pixel phones get speedy updates as well. Also, I've used teams and outlook on old android versions myself. I dont see how it's possible for them to enforce a specific security patch. As the user above stated, a screenshot would be very helpful. Also i know its not my place to say this but if your company somehow made outlook and teams enforce security patches, they should sponsor an appropriate phone to their employees as well.
Disregard
Thanks for replying. The screenshot below is what I get when I try Outlook/Teams. Interesting I didnt realise support for the POCO F3 had stopped,, Its the android security update thats the issue. The org is attempting to pass cyberessentials and this is part of the aftermath of locking security on devices. The enforcment is being done by enrolling your device into a policy. If you dont enroll you cant access company data using your phone, if you do enroll then the policy kicks in and requires your device is compliant.
charliev7 said:
Thanks for replying. The screenshot below is what I get when I try Outlook/Teams. Interesting I didnt realise support for the POCO F3 had stopped,, Its the android security update thats the issue. The org is attempting to pass cyberessentials and this is part of the aftermath of locking security on devices. The enforcment is being done by enrolling your device into a policy. If you dont enroll you cant access company data using your phone, if you do enroll then the policy kicks in and requires your device is compliant.
Click to expand...
Click to collapse
You can try asking your organisation to adjust their Microsoft Intune Enrollment Settings, to loosen Android Security Patch Requirement from March to February (your current security patch), or if they can somehow accept your device anyway.
I'm very sure Poco F3 will continue to get Security Patches for the timebeing, only the OS Update to Android 14 is uncertain. It will definitely still get the OS Update to Android 13.1 tho.
Yeah tried both asking for a bit of leniancy and exclusion but no luck. I hope you are right about the security patches, wish they were a bit more timely. It's so convenient to have access via mobile. It's tough luck for my boss and team though as I do a lot of stuff out of hours via phone which I won't do now unless I/they find a solution. I'm certainly not buying a new phone myself. I really appreciate all your replies and for those taking the time to read my query. Thank You.
cyanGalaxy said:
You can try asking your organisation to adjust their Microsoft Intune Enrollment Settings, to loosen Android Security Patch Requirement from March to February (your current security patch), or if they can somehow accept your device anyway.
I'm very sure Poco F3 will continue to get Security Patches for the timebeing, only the OS Update to Android 14 is uncertain. It will definitely still get the OS Update to Android 13.1 tho.
Click to expand...
Click to collapse
ApexPrime said:
I heard xiaomi dropped support for poco f3 so it won't be getting updates anymore (not sure about security updates). If security updates are your main concern, i would suggest buying an iphone instead as its updates are pushed on every model no matter how old it is. Pixel phones get speedy updates as well. Also, I've used teams and outlook on old android versions myself. I dont see how it's possible for them to enforce a specific security patch. As the user above stated, a screenshot would be very helpful. Also i know its not my place to say this but if your company somehow made outlook and teams enforce security patches, they should sponsor an appropriate phone to their employees as well.
Click to expand...
Click to collapse
It will still receive security patch at least for 1 year