Last month, the biggest security flaw in Android was unveiled by Zimperium. They showed us this “unicorn” that they found that puts all prior hacks to shame.
The worrisome part is that it affects not just a handful of devices or a particular manufacturer. In a few words, all Androids above version 2.2 are vulnerable to attack or about 950 million Androids.
The exploit grants permission by targeting the libStageFright mechanism.
What Is StageFright?
In this demo, Zimperium shows everyone how an MMS which contains the exploit can be sent and used even when the target Android’s screen is off.
The exploit grants permission by targeting the libStageFright mechanism. You do not even have to open the multimedia in the MMS for the attacker to gain control.
What are vulnerable? Well, only photos in the SD cards, unauthorized audio and video recording permissions, and Bluetooth control.
Stagefright has become such a hot topic that major manufacturers have heeded the call for the Zimperium Handset Alliance (ZHA) which already enjoys the commitment of over 25 of the largest global carriers and device manufacturers to accelerate update rollouts.
The need of these companies to share security data has never been more emphasized. Besides, the nature of the Android ecosystem already makes the delivery of updates mired with obstacles.
Android, which is open-source, can be tweaked by manufacturers.
Updates and Patches
Android, which is open-source, can be tweaked by manufacturers. A good example is Samsung. Also, carriers can add their own software too. Once Google comes out with an update, it is up to the carriers to release it on their phones.
This means that updates may be slow to come.
Google, Samsung, and Alcatel, have announced direct patches which address the Stagefright problem directly. Sony, HTC, LG, Motorola, and some others have also announced update patches this month.
One piece of good news is that there are no reported cases yet of Stagefright being used against users. Also, apps are now available to check if your Android is affected, such as StageFright Detector.
Gaming-Handy: Die 7 besten Gaming-Smartphones für ein top Spielerlebnis
Hier sind sie, die 5 besten kabellosen Kopfhörer
Die 9 besten Smartphone-Kameras
IFA 2017 Preview: What to Expect from Samsung, Sony, LG and Co.
Nexus - A Series To Remember
Apple iPhone 7 Release Date Confirmed: Apple vs Samsung Price, Specs, Features and Technical Difficulties
This Is Why You Should And Should Not Get A Self-driving Car
Top 5 Must Download Apps Of The Week
How To Tell If A Person Is An Apple Or Android User
It’s Time For You To Change, Says Google
Should investors back Asian companies to win the driverless car race?
Major tech trends and highlights from this year’s Mobile World Congress
Samsung Galaxy S9 and Galaxy S9 Plus: First Impressions and New Features
14 Cool Tech Gifts for Valentine’s Day