{"id":24124,"date":"2022-05-09T21:30:03","date_gmt":"2022-05-09T18:30:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=24124"},"modified":"2022-05-09T21:30:03","modified_gmt":"2022-05-09T18:30:03","slug":"son-android-guncellemesinde-iki-kiymetli-acik-tespit-edildi","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=24124","title":{"rendered":"Son Android G\u00fcncellemesinde \u0130ki K\u0131ymetli A\u00e7\u0131k Tespit Edildi"},"content":{"rendered":"

Google, son ayl\u0131k Android g\u00fcncellemesinde yer alan iki de\u011ferli g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 ortaya \u00e7\u0131kard\u0131. Bu g\u00fcvenlik a\u00e7\u0131klar\u0131;\u00a0Android ayg\u0131tlar\u0131,\u00a0uzaktan<\/strong> kod<\/strong> \u00e7al\u0131\u015ft\u0131rma\u00a0<\/strong>ismi verilen bir h\u00fccuma a\u00e7\u0131k h\u00e2le getiriyor.\u00a0CVE-2020-0117 ve CVE-2020-8597 ismi verilen iki a\u00e7\u0131k,\u00a0Android<\/strong> Sistem<\/strong> b\u00f6l\u00fcm\u00fcnde\u00a0yer al\u0131yor.\u00a0<\/p>\n

Bahsedilen a\u00e7\u0131klar\u0131 kullanan\u00a0sald\u0131rganlar, uzaktan \u00f6zel olarak tasarlanm\u0131\u015f bir g\u00f6nderiyi kullanarak rastgele kodlar\u0131 \u00e7al\u0131\u015ft\u0131rabilirler. Bu a\u00e7\u0131klar\u0131n Android 8'den Android 10'a<\/strong> kadar olan s\u00fcr\u00fcmleri etkiledi\u011fi belirtiliyor. Bu a\u00e7\u0131klar\u0131n e-posta, web taramas\u0131 ve medya evraklar\u0131 i\u015flendi\u011fi esnada MMS<\/strong>\u00a0yoluyla<\/strong> kullan\u0131labilece\u011fi tabir ediliyor.<\/p>\n

Sald\u0131rganlar; bilgilerinize ula\u015fabilir, onlar\u0131 de\u011fi\u015ftirebilir ya da silebilir:<\/b><\/p>\n

<\/p>\n

Uygulamayla irtibatl\u0131 ayr\u0131cal\u0131klara ba\u011fl\u0131 olarak rastgele bir sald\u0131rgan; uygulama y\u00fckleyebilir, bilgileri de\u011fi\u015ftirebilir ya da silebilir. Sald\u0131rganlar bunun yan\u0131 s\u0131ra\u00a0tam kullan\u0131c\u0131 m\u00fcsaadelerine sahip yeni<\/strong> hesaplar<\/strong> olu\u015fturabilir. Sistem'i etkileyen ba\u015fka iki g\u00fcvenlik a\u00e7\u0131\u011f\u0131ysa (CVE-2020-0116 ve CVE-2020-0119) Android 10'u etkileyen y\u00fcksek k\u0131ymet derecesine sahip bilgi a\u00e7\u0131\u011fa \u00e7\u0131karma\u00a0sorunlar\u0131. Google, bu a\u00e7\u0131klar hakk\u0131nda teknik detay vermedi<\/strong>.<\/p>\n

Haziran g\u00fcvenlik g\u00fcncellemelerinin i\u015faret etti\u011fi y\u00fcksek de\u011ferdeki a\u00e7\u0131klar\u0131n\u00a0i\u00e7inde Android Framework'\u00fcn de yer ald\u0131\u011f\u0131 \u00f6teki k\u0131s\u0131mlarda de g\u00f6r\u00fcld\u00fc\u011f\u00fc belirtiliyor. Bunlar ortas\u0131nda Android 10'da yer alan bir 'Elevation of Privilege' (EoP)<\/em> a\u00e7\u0131\u011f\u0131 (CVE-2020-0114) bulunuyor. Bu a\u00e7\u0131k, mahall\u00ee bir makus niyetli uygulaman\u0131n ek izinlere eri\u015fim sa\u011flamas\u0131 hedefiyle kullan\u0131c\u0131 etkile\u015fim ihtiya\u00e7lar\u0131n\u0131n etraf\u0131ndan dolanmas\u0131n\u0131 sa\u011fl\u0131yor.\u00a0<\/p>\n

Bunlar\u0131n yan\u0131 s\u0131ra\u00a0Google, CVE-2020-0115 ismi verilen ve Android 8'den Android 10'a kadar tesirde bulunan bir \u00f6b\u00fcr EoP a\u00e7\u0131\u011f\u0131yla CVE-2020-0121 ismi verilen ve Android 10'u etkileyen a\u00e7\u0131k hakk\u0131nda bilgilendirme yapt\u0131.\u00a0Android<\/strong> Media<\/strong> Framework<\/strong> i\u00e7in de iki a\u00e7\u0131\u011fa (CVE-2020-0118 ve\u00a0CVE-2020-0113) yama yay\u0131nland\u0131.\u00a0<\/p>\n

<\/p>\n

Son olarak\u00a0Android'in \u00e7ekirdek\u00a0bile\u015fenlerinde \u00fc\u00e7 adet y\u00fcksek de\u011fer dereceli\u00a0g\u00fcvenlik a\u00e7\u0131\u011f\u0131 tespit edildi. Android'in yan\u0131 s\u0131ra Android ayg\u0131tlar taraf\u0131ndan kullan\u0131lan Qualcomm<\/strong> yongalar\u0131nda da iki<\/strong> de\u011ferli<\/strong> ve uzaktan istismara m\u00fcsaade veren g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulundu. Her iki a\u00e7\u0131k da\u00a0Qualcomm'un ta\u015f\u0131nabilir yongalar\u0131ndaki\u00a0modem k\u0131sm\u0131nda tespit edildi.<\/p>\n

<\/div>\n","protected":false},"excerpt":{"rendered":"

Google, son ayl\u0131k Android g\u00fcncellemesinde yer alan iki de\u011ferli g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 ortaya \u00e7\u0131kard\u0131. Bu g\u00fcvenlik a\u00e7\u0131klar\u0131;\u00a0Android ayg\u0131tlar\u0131,\u00a0uzaktan …<\/p>\n","protected":false},"author":1,"featured_media":24125,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[854],"tags":[1532,1042,1125,4285],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/24124"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=24124"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/24124\/revisions"}],"predecessor-version":[{"id":24126,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/24124\/revisions\/24126"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/24125"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=24124"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=24124"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=24124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}