LG has recently patched two severe flaws in its default keyboard on all LG smartphones that could be used for remote code execution with elevated privileges. Lee Munson, Security Researcher at Comparitech.com commented below.
Lee Munson, Security Researcher at Comparitech.com:
“Anyone who owns an LG smartphone that is susceptible to a recently discovered remote code execution flaw, related to the device’s keyboard, should immediately patch their device.
“Failing to do so could leave them open to attacks designed to hijack browsing sessions or, worse, steal their personal information.
“Owners of other Android devices should also be aware of a second keyboard flaw that could allow malware to be remotely inserted into their device. Depending on the manufacturer of the device, an appropriate patch should be available via the appropriate section of their website.”