• catloaf@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    ·
    5 months ago

    But known exploits that have been patched, but not applied because they didn’t update their phone, are plentiful enough.

    Update your phones. Reboot them regularly, too.

    • henfredemars@infosec.pub
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      This is true, but becoming an increasingly less important factor because devices now ship with automatic updates enabled by default.

      Personally, if I had to guess as someone who studies exploits for a living, I’d wager the device isn’t the most recent model and is probably a few years old, so there are likely known unpatchable bootrom or firmware bugs that can be used from their private arsenal without having to risk an actual zero day exploit.