diff options
Diffstat (limited to 'en/security/overview/updates-resources.html')
-rw-r--r-- | en/security/overview/updates-resources.html | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/en/security/overview/updates-resources.html b/en/security/overview/updates-resources.html index ddc053a4..d1aa9b61 100644 --- a/en/security/overview/updates-resources.html +++ b/en/security/overview/updates-resources.html @@ -225,10 +225,12 @@ remote. These include bugs that can be exploited only by an attacker who is physically near the target device, for example a bug that requires sending malformed Wi-Fi or Bluetooth packets.</p> -<p>Local attacks require the victim to install an app. For the purpose of severity -ratings, the Android security team also considers physical attack vectors as -local. These include bugs that can be exploited only by an attacker who has -physical access to the device, for example a bug in a lock screen or one that +<p>Local attacks require the victim to run an app, either by installing and running +an app or by consenting to run an +<a href="https://developer.android.com/topic/google-play-instant/">Instant App</a>. +For the purpose of severity ratings, the Android security team also considers physical +attack vectors as local. These include bugs that can be exploited only by an attacker +who has physical access to the device, for example a bug in a lock screen or one that requires plugging in a USB cable. The Android security team also considers NFC-based attacks as local.</p> |