Now Reading
Major Weakness in 500 Million Android Devices

Major Weakness in 500 Million Android Devices

by P. H. MadoreJuly 29, 2015

Trend Micro has discovered a serious weakness in what amounts to 500 million Android devices, or roughly half of all Androids in use. The vulnerability affects devices from Android 4.3 until 5.1.1. It can be initiated by an app or it can be executed remotely on a website.

Researchers say the problem is with Android’s mediaserver implementation. An improperly coded Matroska streaming video file can crash the operating system, causing it to become useless. The problem reportedly results from an integer overflow. To prove their research, Trend Micro released a proof of concept malware application that demonstrated the problem. It attempts to run such a malware-laden crash.mkv file and the mediaserver continually crashes.

Also read: Serious Android Exploit “Stagefright” Threatens 95% of all Android Phones

Since the bug was initially reported by Trend Micro in May, no patch has yet been issued for Android devices. Android users are therefore warned to be careful in their browsing habits, most especially in video watching. It is unknown what other effects such an attack could have in the right hands. If nothing else, having a website or infect app freeze a device would be a hassle.

The Stagefright attack reported previously is similar in nature to this vulnerability in that it relates to how the operating system handles media files.

Bloomua / Shutterstock.

Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
What's your reaction?
Love it
Hate it