Friday, 11 September 2015

Exploit For Stage Fright Serious Flaw In Android Public

Researchers at the end of July, a serious leak revealed in Android have now published the exploit code that vulnerability on a single Android model can be attacked. The vulnerability allows an attacker to send arbitrary code to execute an MMS message, steal information, read e-mails and other tasks.

In the case of older Android devices, it is even possible to completely take over the device. The vulnerability is in Stage Fright, a media library that handles various popular media formats. Because of the severity of the problem decided Zimperium, the company that discovered the vulnerability, not to immediately publish the exploit.

Since the announcement, several manufacturers rolled out updates to protect users from the issue. Google also has new versions of Messenger and Hangouts released to automatic processing of multimedia files to block received via MMS.According Zimperium is therefore now the time has come to publish the exploit code, so that administrators and security professionals to test their systems.

However, the exploit has several limitations. It is not a generic exploit and works only against a single model, namely a Nexus to Android 4.0.4 running. The exploit is not 100% reliable. In addition, the vulnerability is attacked where the exploit makes use of rectified by security in Android 5.0 and newer.

No comments:

Post a Comment