Yesterday TudoCelular talked about Stargefright, a security flaw in the Android that some researchers believe to be the “worst vulnerability in operating system history” and that can affect mobile devices only when you receive a mere MMS message. Its gravity is given the lack of need to open the message for the device suffer damage. Google is on the issue and intends to eliminate it before someone decides to explore it.
The company promised next week that the device users Nexus will receive an update of security that eliminates the vulnerability. The corrections will be posted openly by Google, allowing partner companies like Samsung and Motorolla also adjust their equipment.
All Nexus, including those who are not in version 5.1 will begin receiving security updates, but that still leaves free most Android users. The Cyanogen has begun to release patches for your system version, and torçamos that other companies will follow this lead and immediately start working to remedy this failure.
For those who do not know the problem, it is estimated that this flaw in the system can reach up to 95% of Android smartphones, from version 2.2 to 5.1. The problem is due to “guilt” of a library used to process media files, call Stagefright. Besides the ease of entry on the device, users are even aware what happened. Attackers hackers could send the message when the machine is idle, gain access to the smartphone, and then delete any evidence that the device was hacked. Once the invasion was completed, can remotely operate the microphone, steal files, read e-mail and get credentials.
Despite the bad news, Joshua Drake, the researcher who found the vulnerability does not believe that the invaders are exploring the Stagefright. “So it’s a very bad problem that apparently no one is actually using,” says the note Zimperium. The luck is that it was a security researcher who eventually found the vulnerability.
This Zimperium, the company that released the problem, said he plans to present his research at Black Hat conference 2015. Google and its Android partners plan to present solution to the problem in the same fair, which will take place during the first weekend of August .
No comments:
Post a Comment