Stagefright 2.0: over 1bn Android smartphones exposed to latest bug

Stagefright 2.0: over 1bn Android smartphones exposed to latest bug

0

Holes in video and sound management systems could allow hackers to take over your apparatus just by seeing a web site, warn security specialists.

Security specialist Mark James, said: “Seeing a web site and previewing an infected tune or video file could enable the attacker to get access to your own mobile apparatus and run remote code, in theory permitting them complete access to your own apparatus empowering them to do whatever they want … including installing other malware, or simply harvesting your information to be used in identity theft.”

The vulnerability affects those smartphones which have had the first Stagefright bug like google ‘s Nexus apparatus and the Galaxy S6 set of Samsung.

“The first susceptibility (in libutils) affects nearly every Android apparatus since version 1.0 released in 2008.

We found strategies to activate that susceptibility in apparatus running version 5.0 and upwards using the second susceptibility (in libstagefright),” said Zimperium, the firm that first revealed the initial Stagefright bug.

“The first variant of Stagefright needed some advice, specifically your cellular number in order to send the text message to your own apparatus,” says James. This new variant doesn’t even should know all of your advice to reach your goals. This, in theory, enables a considerably broader audience and really could empower access to over 1bn android apparatus.”

Google was notified of the bugs. The mediaserver service has access to sound and video streams along with access to privileges that third party programs cannot typically access.”

The bugs are due to be patched in the monthly security update of Google for its Nexus smartphones. Patches for other smartphones are going to be in the discretion of the cell phone suppliers as well as their makers.

Google provided manufacturing companies with the fixes on 10 September.

Samsung, LG, Google and others have vowed to roll out monthly security upgrades in the aftermath of the Stagefright bug that was first.

“You definitely must believe before visiting sites, all too frequently people neglect to realize their cellular devices are just as much at risk as their desktop computers,” said James.

SIMILAR ARTICLES

0

0