If you’re an Android user, you have a big problem. The news is out that 1 billion Android devices are vulnerable to an new version of the Stagefright attack. Dubbed Stagefright 2.0, it is way more dangerous than the original Stagefright attack. Here’s what Threatpost had to say:
The risks with these vulnerabilities, dubbed Stagefright 2.0, are nearly identical to the original Stagefright flaws; the only difference is that the attack vector for the first bugs has been patched. Successful exploits would enable remote code execution and lead to privilege escalation, putting an attacker in control over a compromised device. They would have access to personal data and photos stored on the phone, be able to take photos, record conversations, exfiltrate email and SMS/MMS messages and load additional apps.
What’s worse is that these vulnerabilities, two in total have this sort of history. The first dates back to the first version of Android, and a second dependent vulnerability that was introduced in Android 5.0. Net result, Android users have a big problem. Google is likely aware of this, but the question is this. How long will it take Google along with every Android OEM to roll out fixes for this? Until they do, Android users have a big reason to worry.
Related
This entry was posted on October 1, 2015 at 7:20 pm and is filed under Commentary with tags Android, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
A Billion Android Devices Are Vulnerable To Stagefright 2.0 Attacks
If you’re an Android user, you have a big problem. The news is out that 1 billion Android devices are vulnerable to an new version of the Stagefright attack. Dubbed Stagefright 2.0, it is way more dangerous than the original Stagefright attack. Here’s what Threatpost had to say:
The risks with these vulnerabilities, dubbed Stagefright 2.0, are nearly identical to the original Stagefright flaws; the only difference is that the attack vector for the first bugs has been patched. Successful exploits would enable remote code execution and lead to privilege escalation, putting an attacker in control over a compromised device. They would have access to personal data and photos stored on the phone, be able to take photos, record conversations, exfiltrate email and SMS/MMS messages and load additional apps.
What’s worse is that these vulnerabilities, two in total have this sort of history. The first dates back to the first version of Android, and a second dependent vulnerability that was introduced in Android 5.0. Net result, Android users have a big problem. Google is likely aware of this, but the question is this. How long will it take Google along with every Android OEM to roll out fixes for this? Until they do, Android users have a big reason to worry.
Share this:
Like this:
Related
This entry was posted on October 1, 2015 at 7:20 pm and is filed under Commentary with tags Android, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.