You can find a dangerous vulnerability that allows you to take over almost all Android devices just by playing music or video


ByJD Hancock

A vulnerability high in risk that it becomes possible to take over the terminal even if the other party does not open the message if it sends a video message is Android's media player framework "Stagefright"In April 2015 that the mobile security company's"Zimperium"As evidenced by the investigation. Up to now, patch was released from Google and terminal manufacturers, but two vulnerabilities related to "Stagefright" were discovered, and there is a danger that more than 1 billion Android smartphones and tablets will be at risk It turned out to be.

Zimperium zLabs is Raising the Volume: New Vulnerability Processing MP3 / MP4 Media.> Zimperium Mobile Security Blog
https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media/


New Stagefright Bugs Leave More Than 1 Billion Android Users Vulnerable | Motherboard
http://motherboard.vice.com/read/new-stagefright-bugs-leave-more-than-1-billion-android-users-vulnerable

Joshua Drake of Zimperium who discovered the vulnerability of "Stagefright" in April 2015 seems to have continued the investigation on media processing performed on Android, and it seems that a new security problem It seems he found out. What I found this time is "Stageflight 2.0 (CVE - 2015 - 6602)" which is two vulnerabilities related to the processing of MP4 of MP3 and video data of audio data.

The newly discovered vulnerability is "It is possible to execute code remotely using" libstagefright "after Android 5.0 onwards", "even on Android 5.0 and earlier terminals, vulnerable libutils applications etc. There is an effect if it is installed. " In other words, if you use two vulnerabilities, almost all Android devices can be targeted.

Zimperium says, "There is a problem in processing file metadata, and arbitrary code may be executed simply by preview playing music or movie files," he says. However, in order to use these vulnerabilities, it is necessary to let the user play MP3 / MP4 with arbitrary code using a third party media player using the library where the vulnerability was found. About this, Zimperium says, "By allowing users to visit websites that include multimedia files, it is also possible to take over the device."

ByJohan Larsson

The vulnerability discovered this time said that "it affects almost all Android terminals", and there is a risk that Android terminal users of 950 million people will be in danger if they estimate less. Zuk Avraham, CTO of Zimperium, commented, "It is affecting 1.4 billion Android devices."

In addition, Zimperium reported this vulnerability to Google as of 15th August 2015, and Google has released a monthly security update for Nexus devices, a patch for this vulnerability We are releasing it.

in Mobile,   Security, Posted by logu_ii