Platform Vulnerabilities.


A computing platform is the environment in which a piece of software is executed. It may be the hardware or the operating system (OS), even a web browser or other underlying software, as long as the program code is executed in it. Computing platforms have different abstraction levels, including a computer architecture, an OS, or runtime libraries. A computing platform is the stage on which computer programs can run.

A platform can be seen both as a constraint on the software development process, in that different platforms provide different functionality and restrictions; and as an assistance to the development process, in that they provide low-level functionality ready-made. For example, an OS may be a platform that abstracts the underlying differences in hardware and provides a generic command for saving files or accessing the network.


Platform Vulnerabilities

In any complex software system, there are bound to be flaws and security vulnerabilities. Mobile device operating systems are no exception. Security vulnerabilities in mobile operating systems and applications are regularly identified and must be fixed to prevent attackers from using them to compromise systems. In fact, a number of vulnerabilities have been exploited on both Android and iOS devices.
As with PCs, software patches are used to fix vulnerabilities on mobile devices. In the PC world, common processes like patch management are relatively simple. Software vendors deliver online updates to licensed users on a regular schedule or as needed. On mobile devices, depending on the nature of the vulnerability, a patch may be as simple as updating a single application or as complex as a firmware update that involves both the device manufacturer and the carrier. Critical vulnerabilities on mobile devices, such as kernel or web browser issues, often require a firmware update if they occur in software that is highly integrated into the operating system. Given the differences in the mobile ecosystems, patch management processes vary by OS.



Establish and enforce policies. All company mobile device need to be updated to use corporate data.
Mobile Device Management is an important monitoring and enforcement tool including enforcing mobile updates.
Prevent jailbreaking(root). Jailbreaking(root) is the process of removing the security limitations imposed by the operating system vendor. To “jailbreak” or to “root” means to gain full access to the operating system and features. This also means breaking the security model., Wikipedia, ec-council.

Recommended Posts

Leave a Comment

1 × one =