WinMX World :: Forum

Discussion => WinMx World News => Topic started by: silicon_toad2000 on July 29, 2015, 06:57:03 am

Title: Stagefright Vulnerabilities Affect Nearly All Android Devices
Post by: silicon_toad2000 on July 29, 2015, 06:57:03 am
Nearly all Android smartphones contain remote code execution
vulnerabilities that could be exploited simply by sending the device a
maliciously crafted text message. The vulnerabilities lie in
Stagefright, an Android component that is used in playing, recording,
and processing multimedia files. Google has developed a fix for the
issue, but because the wireless carriers and device manufacturers must
also take action, it is unknown if and when the devices will be patched.
https://isc.sans.edu/forums/diary/Android+Stagefright+multimedia+viewer+prone+to+remote+exploitation/19965/
http://arstechnica.com/security/2015/07/950-million-android-phones-can-be-hijacked-by-malicious-text-messages/
http://www.darkreading.com/vulnerabilities---threats/stagefright-android-bug-heartbleed-for-mobile-but-harder-to-patch/d/d-id/1321477?
http://www.forbes.com/sites/andygreenberg/2011/08/05/android-app-turns-smartphones-into-mobile-hacking-machines/
http://www.computerworld.com/article/2953019/security/most-android-phones-can-be-hacked-with-a-simple-mms-message-or-multimedia-file.html
http://www.cnet.com/news/most-android-phones-can-be-hacked-with-one-text/
Title: Stagefright Update Needs Fixing
Post by: silicon_toad2000 on August 20, 2015, 12:16:08 pm
The update for the Stagefright vulnerability that Google initially released has been found to be problematic. The flaw affects the roughly 950 million devices that run Android versions 2.2 through 5.1. Google has developed a fix for the faulty patch and has begun pushing it out to certain devices.

http://www.theregister.co.uk/2015/08/13/stagefright_patch_needs_repatch/ (http://www.theregister.co.uk/2015/08/13/stagefright_patch_needs_repatch/)