Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Security flaw lets attackers recover private keys from Qualcomm chips

24 Apr 2019   #1
Brink

64-bit Windows 10 Pro
 
 
Security flaw lets attackers recover private keys from Qualcomm chips

Quote:
Devices using Qualcomm chipsets, and especially smartphones and tablets, are vulnerable to a new security bug that can let attackers retrieve private data and encryption keys that are stored in a secure area of the chipset known as the Qualcomm Secure Execution Environment (QSEE).

Qualcomm has deployed patches for this bug (CVE-2018-11976) earlier this month; however, knowing the sad state of Android OS updates, this will most likely leave many smartphones and tablets vulnerable for years to come.

WHAT IS THE QSEE?

The vulnerability impacts how the Qualcomm chips (used in hundreds of millions of Android devices) handles data processed inside the QSEE.

The QSEE is a Trusted Execution Environment (TEE), similar to Intel's SGX.

It's a hardware-isolated area on Qualcomm chips where the Android OS and app developers can send data to be processed in a safe and secure environment, where the Android OS and no other app can reach and access the sensitive data, except the application that placed the data there, in the first place.

Data processed inside the QSEE usually includes private encryption keys and passwords, but the QSEE can handle anything an app wants to hide from prying eyes...


Read more: Security flaw lets attackers recover private keys from Qualcomm chips | ZDNet


My System SpecsSystem Spec
.
24 Apr 2019   #2
F22 Simpilot

Windows 7 Ultimate x64
 
 

Welp, my phone is vulnerable. And I don't see the CVE here???? CVE security vulnerability database. Security vulnerabilities, exploits, references and more

2018 I guess is when the damn flaw was discovered. Gotta wonder if a third-party App that could encrypt your phone would be better?
My System SpecsSystem Spec
Reply

 Security flaw lets attackers recover private keys from Qualcomm chips




Thread Tools



Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:55.
Twitter Facebook