Huawei P9, P9 Plus, Mate 9, Mate 8 To Get Security OTAs


Huawei has announced that four of their flagship devices, being the Huawei P9, Huawei P9 Plus, Huawei Mate 8, and Huawei Mate 9, are set to get security bulletins in the near future that will address known security vulnerabilities reported to or found by Huawei recently. Huawei did not announce when these updates will come, only saying that they will come over the air to all users of the affected devices in an update sent either by Huawei directly or through mobile carriers. The vulnerabilities in question are all fairly serious, such as privilege escalation attacks or system crashing bugs.

For the Huawei P9 Plus, a malicious application has to be downloaded to the phone in question. This application cannot be downloaded by force, which means an attacker has to either trick a user into downloading it or gain physical access to the device to download it themselves. This vulnerability in question simply crashes the phone; it poses little danger of data being compromised, but can be annoying at best and result in data loss or bricking at worst. Both the Huawei P9 and the Huawei Mate 9 are vulnerable to an exploit known as CVE-2017-2703. This one requires physical access to the device, and offers root access through the Phone Finder function. Finally, CVE-2017-2698 affects both the Huawei P9 and the Huawei Mate 8, and requires a user with root access to download a malicious application. From there, the attacker can crash the phone or gain control via root privileges, making it one of the more dangerous exploits on this list.

Huawei is already scheduling updates for all four phones that will cover all of the exploits listed above. As mentioned, Huawei has not laid out a timeline for when these updates will hit. Huawei's security tracker lists no temporary fixes for these exploits, so users are advised to use caution to protect their devices until the patches hit; allow only trusted people and hardware around your phone, and do not download or install any apps that you're not entirely certain have a trustworthy origin and are what they claim to be. Sticking to the Play Store for app downloads is normally enough to fulfill the latter recommendation.

Share this page

Copyright ©2017 Android Headlines. All Rights Reserved.

This post may contain affiliate links. See our privacy policy for more information.
Senior Staff Writer

Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, Voice assistants, AI technology development news in the Android world. Contact him at [email protected]

View Comments