okeedokee
The Bastion of Belmont
A MASSIVE security flaw described as the “worst Android vulnerability in the mobile OS history” is back and 950 million Android smartphones and tablets are at risk.
The ‘Stagefright’ bug, which infected phones with a media file sent via MMS, was first discovered in April before a number of patches were released to protect handsets against the vulnerability.
However, the security research firm that first discovered the flaw said it has now found a second wave of bugs.
According to Zimperium zLabs, the new vulnerability uses audio and video files to gain access to handsets.
The security researchers said people should be wary of clicking URL links or using third party apps to open the specially crafted MP3 or MP4 files.
“Meet ‘Stagefright 2.0’, a set of two vulnerabilities that manifest when processing specially crafted MP3 audio or MP4 video files,” Zimperium wrote on its blog. “The first vulnerability (in libutils) impacts almost every Android device since version 1.0 released in 2008.
“The vulnerability lies in the processing of metadata within the files, so merely previewing the song or video would trigger the issue.”
After being notified of the bug, Google announced it would be releasing a patch in its October security update for Nexus smartphones.
Manufacturers of other Android devices are expected to also release patches as part of their routine upgrades.
http://www.news.com.au/technology/o...id-users-at-risk/story-fnjwnj25-1227557446607
The ‘Stagefright’ bug, which infected phones with a media file sent via MMS, was first discovered in April before a number of patches were released to protect handsets against the vulnerability.
However, the security research firm that first discovered the flaw said it has now found a second wave of bugs.
According to Zimperium zLabs, the new vulnerability uses audio and video files to gain access to handsets.
The security researchers said people should be wary of clicking URL links or using third party apps to open the specially crafted MP3 or MP4 files.
“Meet ‘Stagefright 2.0’, a set of two vulnerabilities that manifest when processing specially crafted MP3 audio or MP4 video files,” Zimperium wrote on its blog. “The first vulnerability (in libutils) impacts almost every Android device since version 1.0 released in 2008.
“The vulnerability lies in the processing of metadata within the files, so merely previewing the song or video would trigger the issue.”
After being notified of the bug, Google announced it would be releasing a patch in its October security update for Nexus smartphones.
Manufacturers of other Android devices are expected to also release patches as part of their routine upgrades.
http://www.news.com.au/technology/o...id-users-at-risk/story-fnjwnj25-1227557446607
