Millions of Android users are at risk of being attacked after discovering a comprehensive security issue

Almost all Android smartphones can be vulnerable to remote code execution due to vulnerabilities detected in the audio decoders on Qualcomm and MediaTek chips.

The discovery of these vulnerabilities was made by Check Point Research (CPR), and if left unchecked, an attacker could exploit them to gain remote access to a device’s camera and microphone by using a malformed audio file. At the same time, an unprivileged Android app could exploit these vulnerabilities to escalate its privileges to spy on a user’s media data and listen to their conversations.