sujith Posted October 1, 2015 Share Posted October 1, 2015 Reports from several security researchers claim more than a billion users could be affected by the newly discovered Stagefright security flaws in Android devices. The two vulnerabilities, which leave Android users open to attacks, have been dubbed as "Stagefright 2.0" by mobile security company Zimperium zlabs. Joshua Drake, the company's VIP of research, reports that an attack on the mobile OS can be triggered by simply previewing an affected song or video as the vulnerability itself lies within the metadata. Processing MP3 or MP4 files could lead to arbitrary code execution. He claims that as apps have now been updated to remove the MMS vector available in their previous versions, this time the carrier could be the device's web browser. According to the researcher, this could be done in the following ways: An attacker would try to convince an unsuspecting user to visit a URL pointing at an attacker controlled Web site (e.g., mobile spear-phishing or malicious ad campaign).An attacker on the same network could inject the exploit using common traffic interception techniques (MITM) to unencrypted network traffic destined for the browser.3rd party apps (Media Players, Instant Messengers, etc.) that are using the vulnerable library. Speaking to Motherboard, Drake states that all Android devices starting from Android 1.0 to the current version of the OS are affected by these vulnerabilities, as the patch to fix it has not yet been made available. Zimperium zLabs' founder and chief technology officer claims that, "I cannot tell you that all of the phones are vulnerable, but most of them are." Given that an estimated 1.4 billion Android users may be affected, the company has reported vulnerabilities to Google's Android Security Team who has assigned it a CVE-2015-6602 to track one of the issue. However, Google is yet to provide a CVE tracking number for the second vulnerability. The company has been testing a patch privately with various manufacturers to fix the problem and will reportedly roll out a patch for its Nexus devices on October 5. Source Official Blog Announcement Link to comment Share on other sites More sharing options...
sujith Posted October 1, 2015 Author Share Posted October 1, 2015 Just when Stagefright 1.0 was patched, new one now. :doh:Custom rom users and nexus users should be covered though in next updates. :hypocrite: Link to comment Share on other sites More sharing options...
vissha Posted October 1, 2015 Share Posted October 1, 2015 People, atleast by now try to understand the Google's policy of not patching each and every Android device. I'd recommend buying Ubuntu phone or any other OS which will be patched for the lifetime of the device. Link to comment Share on other sites More sharing options...
sanjoa Posted October 1, 2015 Share Posted October 1, 2015 And if Google writes Android from scratch? This things won't happen I think Link to comment Share on other sites More sharing options...
rudrax Posted October 2, 2015 Share Posted October 2, 2015 And if Google writes Android from scratch? This things won't happen I thinkDelete your private nude pics fast! :lol: Link to comment Share on other sites More sharing options...
jtmulc Posted October 2, 2015 Share Posted October 2, 2015 People, atleast by now try to understand the Google's policy of not patching each and every Android device. I'd recommend buying Ubuntu phone or any other OS which will be patched for the lifetime of the device.Google only patches the OS and releases it. They don't have all the drivers to update every device, just their Nexus ones. It's up to the manufacturers to adapt and disseminate the updated OS to all their devices. It's terribly inefficient, but they can't issue patches like Apple does because Google doesn't own the hardware. Link to comment Share on other sites More sharing options...
vissha Posted October 2, 2015 Share Posted October 2, 2015 People, atleast by now try to understand the Google's policy of not patching each and every Android device. I'd recommend buying Ubuntu phone or any other OS which will be patched for the lifetime of the device.Google only patches the OS and releases it. They don't have all the drivers to update every device, just their Nexus ones. It's up to the manufacturers to adapt and disseminate the updated OS to all their devices. It's terribly inefficient, but they can't issue patches like Apple does because Google doesn't own the hardware.Don't give lame excuses to support the big fat sh*t, Google. How Canonical is able to patch devices like BQ, Meizu and Nexus? Also, Canonical mentioned all devices will be supported for the lifetime with free upgrades [like 15.04, 15.10, 16.04,...]. Link to comment Share on other sites More sharing options...
sanjoa Posted October 2, 2015 Share Posted October 2, 2015 And if Google writes Android from scratch? This things won't happen I thinkDelete your private nude pics fast! :lol::rofl: :lmao: and your mum's nude pics too :tehe: Link to comment Share on other sites More sharing options...
rudrax Posted October 2, 2015 Share Posted October 2, 2015 And if Google writes Android from scratch? This things won't happen I thinkDelete your private nude pics fast! :lol: :rofl: :lmao: and your mum's nude pics too :tehe:Involving mum, things won't go funny in this scenario mate. Better you learn the basics of making fun. Link to comment Share on other sites More sharing options...
sanjoa Posted October 2, 2015 Share Posted October 2, 2015 And if Google writes Android from scratch? This things won't happen I thinkDelete your private nude pics fast! :lol: :rofl: :lmao: and your mum's nude pics too :tehe:Involving mum, things won't go funny in this scenario mate. Better you learn the basics of making fun.:Lmao: :rofL: :lol: :DBTW with this things, it makes me thinking on earning some money and buy an iPhone Link to comment Share on other sites More sharing options...
rudrax Posted October 3, 2015 Share Posted October 3, 2015 And if Google writes Android from scratch? This things won't happen I thinkDelete your private nude pics fast! :lol: :rofl: :lmao: and your mum's nude pics too :tehe:Involving mum, things won't go funny in this scenario mate. Better you learn the basics of making fun. :Lmao: :rofL: :lol: :DBTW with this things, it makes me thinking on earning some money and buy an iPhoneThen I must say, you have some kind or sexual disorder disease :lol: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.