Unified-Firewalls-Rohde-Schwarz-Cybersecurity

Security gap in messenger services: Are there implications for iOS and Android?

Does the critical vulnerability discovered on August 31 by Google's Project Zero in one of the most widely used messengers also have a direct impact on the iOS and Android operating systems used?

So far, this potential possibility has not been practically substantiated. Although today's mobile operating systems iOS and Android are becoming more and more secure, which means that attackers often have to exploit a whole chain of different security gaps to realize a successful attack, a successful attack can only rarely be completely excluded.

For a successful attack, it would be necessary to take advantage of the crash, introduce code, increase privileges in order to break out of the app context and then persist the introduced code so that it would also survive a reboot of the operating system. All individual steps can differ on different device types, so that attackers would have to expend considerable time and effort in order to enable large-area and reliable use.

Protected by the use of secure Rohde & Schwarz Cybersecurity products

With R&S®Trusted Mobile, Rohde & Schwarz Cybersecurity provides its own Android-based, comprehensively hardened operating system for mobile devices for companies and organizations. R&S®Trusted Mobile is divided into two areas: "Open" and "Restricted", which are completely isolated from each other by kernel-based hardening mechanisms. The open area (optionally fully controllable by the organization) behaves like a standard Android, i.e. apps from Google PlayStore can be installed and these can communicate via the interfaces available on the device.

The restricted area (which must be completely controlled by the customer) represents an extension of the customer intranet, because all communication from this area is carried out via a VPN that terminates in the customer infrastructure. This prevents confidential data from being exchanged via potentially insecure communication channels.

If customers use popular messengers on R&S®Trusted Mobile and a successful attack is carried out, as outlined above, "only" the open area with its applications would be affected. The restricted area with the confidential company data is not affected. In addition, Rohde & Schwarz Cybersecurity also takes measures to ensure that no data in the restricted area is affected by privilege escalation in the open area.

Rohde & Schwarz Cybersecurity provides R&S®Trusted Mobile with security updates at short, regular intervals, but is also able to react quickly to highly critical bugs.

Do you have any questions about current or general IT security challenges? Please contact us!

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Marketing permission

I want to receive information from Rohde & Schwarz via

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to news@rohde-schwarz.com. Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.