Huawei has released the October security 2021 patch that soon rollout for eligible smartphones and tablets running on HarmonyOS. This monthly update fixes several known issues and vulnerabilities to resolve the improper behavior of the devices.

While exploring the patch details, we have come to know about a serious issue that can cause injection attacks, memory leakage, and compromised application. However, the HarmonyOS October 2021 security release note will fix this issue in the affected devices. You can check the basic details below-

• Affected Sector: Applications
• CVE: CVE-2021-37116
• Description: It’s an input verification vulnerability
• Impact: Successful exploitation of this vulnerability may affect the data confidentiality and product availability

The input verification issue with high severity is only affecting the devices working on HarmonyOS 2.0 system. The device infected will this issue, accepts improper data or information while receiving data from an external party especially from untrusted sources.

An attacker can intentionally send malicious input into the system. Meanwhile, the affected devices aren’t able to verify the authenticity of the data and take it. It causes an application to carry out some unplanned action such as data leakage or confidential information exposers.

Moreover, the attackers relay malicious code through an application to another system that accepts it due to holes in input verification algorithms. Luckily, as the latest HarmonyOS security patch will be released for the devices, this input verification issue will be fixed.

Besides, the security update also acknowledged 2 medium levels of CVE in the framework, 2 high and 4 medium levels CVEs in the kernel, and 1 high and 5 medium to low-level system threats. In addition, 2 critical, 3 high and 6 medium levels security threats fix in the HarmonyOS 2.0 applications.

With the release of the September 2021 Security Patch details, Huawei highlights the bugs and their fixes for the Huawei and Honor devices. It’ll fix various issues in the system alongside a Bluetooth bug that could harm a user in several ways.

The latest security patch includes a medium-level bug fix identity as CVE-2021-37039 on the smartphones running on EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1 Android skins. Once an attacker successfully exploits cross this Bluetooth bug, it may cause a serious Bluetooth DoS.

What is Bluetooth DoS:

The Bluetooth system in any device can be the mean of DoS (Denial of service) attracts and cloud seriously harm the victim. In BT DoS, the attacker or hacker frequently requests to pair the target’s Bluetooth device with his in order to access the personal info of the soon-to-be victim.

However, Huawei has timely recognized this flaw and release the patch fix. Once it reaches the device holders, they will get input verification notice before their device is paired with the other. It’ll help them to avoid intruders.

In simple words, when someone wants to establish a BT connection with users, the device will ask for the owner’s permission before connecting the other device. If the second user is a known person, you can accept the request and can grant the permission. Furthermore, you can also deny it, if you don’t know the origin of the second device.

Know More: Monthly and Quarterly: September 2021 Huawei EMUI Devices (New and Old)

Although Huawei has released the patch details, the company hasn’t started the rollout process. It’s still releasing the June and July security patches not to talk about the August security release. Until the patch is available to the users, they can try to avoid enabling their BT, while not in use.

That’s all for now, Stay connected with us for more updates about Huawei.

HarmonyOS is a long-awaited operating system that made its debut at HDC 2019, and with initially lightened the smart screens smart TVs. However, Huawei quickly jumped into the improvement pipeline and made more improvements to this new OS.

In the following year, Huawei introduced HarmonyOS 2.0 at Huawei Developer Conference 2020 and announced its arrival for smartphones, which was a very surprising moment of the conference.

As last December became the first milestone in HarmonyOS 2’s journey in smartphones with the initiation of beta testing.

And on June 2, 2021, the Chinese tech giant finally made this operating system available on smartphones and began the public testing of the device.

Since then, Huawei is continuously upgrading eligible devices with a bunch of software updates and patches to improve the overall system stability, fixed bugs, and optimize the user experience.

Battery and WiFi issue:

But there are a few issues that hit hard HarmonyOS beta testers. These are related to WiFi and Battery performance.

According to the information, during the testing, a large number of beta testers have reported problems with WiFi connection and weak battery performance after upgrading to HarmonyOS 2. These kinds of problems are quite common in beta testing.

Thereafter, Huawei began the rollout of new software updates coupled with optimizations and fixes for issues in the WiFi and battery section. Aside from these, Huawei also sending optimizations for fingerprint scanner efficiency on support devices running HarmonyOS 2.

Furthermore, Huawei is planning a big upgrade that will rollout this month and expected to bring a number of new changes in the user interface as well as in features.

Learn more about HarmonyOS features in the linked article below.

HarmonyOS Features: Control Panel, Super Device, Service Center, App Gestures, Task Center, Widgets and more