Doing Business | IT & Technologies

March 21, 2016

Stagefright Exploit Reliably Attacks Android Phones

You may know that the Stagefright security flaw is theoretically dangerous, but it hasn't been that risky in practice -- it's just too difficult to implement on an Android device in a reliable way.

Or rather, it was. Security researchers at NorthBit have developed a proof-of-concept Stagefright exploit, Metaphor, that reliably compromises Android phones. The key is a back-and-forth procedure that gauges a device's defenses before diving in. Visit a website with a maliciously-designed MPEG-4 video and the attack will crash Android's media server, send hardware data back to the attacker, send another video file, collect additional security data and deliver one last video file that actually infects the device.

It sounds laborious, but it works quickly: a typical attack breaks into a phone within 20 seconds. And while it's most effective on a Nexus 5 with stock firmware, it's known to work on the customized Android variants found on phones like the HTC One, LG G3 and Samsung Galaxy S5.

This doesn't amount to an in-the-wild attack, and you'll be fine if you're running Android 6.0 Marshmallow or any other OS version patched against Stagefright. The catch is that relatively few people are in that boat -- most Android users are running Lollipop or earlier, and only some of those devices have Stagefright patches. You're probably fine if you own a relatively recent device, but your friend with a years-old Android phone is at risk.

Google has provided a response that elaborates on what we knew: you're protected against this if your phone has least the October 1st, 2015 security update installed. Read the full statement below.

"Android devices with a security patch level of October 1, 2015 or greater are protected because of a fix we released for this issue (CVE-2015-3864) last year. As always, we appreciate the security community's research efforts as they help further secure the Android ecosystem for everyone."

Text by AOL
 

Tags Cloud

20102011accaaccidentaccidentsADSUadvertisingafghanistanAfrAsiaafricaagalegaagreementagricultureagroAHRIMAIairair asiaair australAir Franceair madagascarair mauritiusairasiaAirlinesairportairway coffeeAlbionalgeriaalibabaalteoAlvaro SobrinhoamazonAmeenah Gurib-FakimAMLandroidApollo Bramwellappappleappointmentsappsaquaculturearab townarrestasiaATOauditaudit reportaustraliaaustriaaviationawardawardsAxcel ChenneyBABagatelleBagatelle DamBAIBangladeshbankBank OnebankingbanksbarclaysbeachbeachesBeau Bassin-Rose HillbeautybeerBelgiumBelle-MareBelle-RiveBet365betamaxbettingBharat Telecombig databitcoinblue economyBlue-BayBOIboko haramBollywoodBOMbombingbookbookmakerbossBotswanabpmlBPOBramer BankbrazilbrexitBritish AirwaysbudgetbuildingbusesBusinessbusiness trendsCabinetcall centresCanadacanecareercareer tipscargocarnivalcasinoCCIDCCMCCTVCEBcelebretiescelebritiescementChagoscharityCharlie HebdoCHCchilechinachromeCIELcigarettesCim FinancecinemaclashesCMTcomoroscompetitionconcertconferenceCongoconstitutional amendmentconstructioncontestcontestscontractcooperationcorruptioncounterfeitcoupCourtCourtsCPBCPEcreativitycreditscrisiscruise shipsCSOCT PowerCultureCurepipecustomercustomerscustomsCVCWAcyclingcyclonedamDawood RawatdayDBMdeficitdenguedeportationdevelopmentDiego GarciadivalidoctorsdodoDomaine les PaillesDonald TrumpDPPdrug traffickingdrugsDTAADubaiDuty Freee-commercee-servicesearthquakeebeneebolaecoecologyeconomiceconomicseconomyEducationeducation abroadeducation reformEEZEgyptEIILMelectionelectionselectoral reformelectricityelon muskembassyEmiratesemirates airlinesEmtelenergyENLentrepreneurshipEOCEUEuroEuropeeventeventsexamexaminationexamsexpoexportfacebookfairFalcqfarmersfarmingfashionfast foodfbiFDIfeefeesferryfestivalFievre AphteuseFIFAFIFA World CupFilm Rebate SchemefilmingfilmsfinancefinancesfinancingFirefishfishingFIUFlacqFlic-en-FlacFloodsflourfoodFootballforecastforeign workersForumFrancefraudfruitfruitsFSCFTAfuelfunnyGAARgabongadgetsgalaxygalaxy notegamblinggame of thronesgamesgasgazaGDPGermanyghanaGlobal BusinessgolfGoodlandsgoogleGorah Issac casegovernmentGRAGrand Baygrand-baiegreecegreengreen energygrippeGTUH1N1hackershajjhamashappinessHawaiihawkershealthhealthcareHeritage Cityhi-techhighlandshistoryHolcimholidaysHong Konghorse racingHospitalhotelhotel businesshotelshowhow toHRHRDCHSBCHSCHSC ProhtchungaryhuntingHusein Abdool RahimIBAIBLICACICTICTAID cardiframacillegal fishingillegal migrationillegal workersIMFimportindiaIndian OceanIndian Ocean Island GamesIndonesiainflationinfluenzaInfographicsinfrastructureinnovationinnovationsinsuranceinterest rateinternetinterpolInterviewinterview tipsinvestinginvestmentinvestmentsIOCIORECiosiPadiphoneIPOiraniraqirelandIRSISISislamicisraelITItalyjapanJellyfishJewelleryJin FeijobjobsjockeyjournalismJulian AssangeKailash TrilochunKenyakitesurfingKPMGkreolla buttelabourLafargelandlandslideLarsen & ToubrolawlawslayoffsLe MorneleadershipleakLepeplexpressliberiaLibyalifeloanloanslocal governmentlogisticslotteryLottotechLRTLufthansalycheeMadagascarmade in morismalariamalaysiamalaysia airlinesMaldivesMalimallmanagementmanagement tipsmanufacturingmarketmarketingmarketsMauBankMauritiansmauritiusMBCMCBMCCIMDFPMeatmeccamediaMedical CouncilMedical tourismmedicamentsmedicineMedineMedPointmeetingMEFMegh PillayMESMetro ExpressMEXAmexicoMFAMGIMHCmichaela harte caseMicrosoftMIDMidlandsMIEmigrationmigration crisisminimum salaryminimum wagemiss mauritiusmistakesMITDmlMMMmobilemobile phonesMokamoneymoney launderingmonkeyMont-ChoisyMoody’sMoroccomotivationmoviesMozambiqueMPAMPCMPCBMPLMQAMRAMSBMSCMSMMTMTCMTPAMusicMV BenitaNad SivaramenNaïadeNamibiaNandanee SoornackNarendra ModinasanatureNavin RamgoolamNavind KistnahNCBNCGNDUNECnefNegative Income TaxNelson MandelaNeotownNepalnetherlandsnetworkingNew Mauritius Hotelsnew zealandNGONHDCNICNICHLNigerianight clubsNitin Chinien caseNobel Prizenokianorth koreaNRBNTANTCNWCCoceanocean economyofofficialsoffshoreoilOlympic GamesOmega ArkOmnicaneoniononlineopinionOppositionorangeoscaroscar pistoriusOUMoutsourcingPakistanpalestinePamplemoussesPanama Paperspandit sungkurParadise PapersparliamentPaul BérengerpensionpensionspeoplePhilippinesPhoenix Beveragesphonespicture of the daypillspiracyplagueplanPlanet Earth InstitutePMPMOpmsdPNQpokerpolicepoliticspollutionPonzi SchemeportPort LouisPort-LouispostPovertyPRPravind JugnauthPRBpresentationpresentation tipspresidentpricepricesprisonproblemprofitprojectprojectsprostitutionprotestspsacPSCpsychologyPTRpublic servicepwcQatarquatre-bornesquotesrainsRajindraparsad SeechurnRakesh GooljauryransomwareratesratingratingsRavi Yerrigadooreal estaterecallsreformreformsrefugeesreligionrentrepo ratereportRESRésidence Barklyrestaurantrestaurantsresultresultsresumeresume tipsretailReunionrevenuericeRiche-TerreriseRiviere-du-RempartRiviere-Noireroadsroche-boisRoches-Noires caseRodriguesRogersRose-HillrosewoodRoshi BhadainRum and SugarRundheersing BheenickrupeeRussiaRwandasafetySAJsalariessalarysalesalessales tipssamsungsanctionssaudi arabiaSBIsbmSCscamscandalSCBGscholarshipscholarshipsSchoolschoolsscienceseasecuritySEMSEMDEXSenegalSeychellesShakeel MohamedShanghaisharksshootingshoppingshopping fiestashopping mallshopping mallsshowShowkutally SoodhunSICsicomSierra LeonesingaporeSITskillssmall businesssmart citysmartphonesSMeSMEDAsmmsnapchatSobrinho casesocialsocial mediasocial networks & messengersSofitelsoftwaresolar energySomaliasonysouthsouth africaSouth China Seasouth koreasouth sudanspainsponsorshipsportSportsSquatterssri lankaSSRStar KnitwearstartupsstatisticsstatsSTCstockstock marketstocksstrategystreet vendorsStressstrikestudystudy abroadstylesuccesssuccess storysugarsugar canesummitSun ResortsSun Tan caseSunkai caseSunnystarssurveySwanSwedenSwitzerlandsyriaTAtabletsTaiwanTanzaniataxtax fraudtax heaventaxesTbillsteaTeachersteamTECtechnologytelecomtendertendersterrorismtertiarytextilethailandthethefttimetime managementtipstototaltourismtoystradetrade feetradingtrainingstransporttraveltrendsTrioletTripAdvisorTrou-aux-BichestsunamitunaTunisiaTurfTurkeyturkish airlinesTVtwittertyphoonUdMUgandaukukraineununemploymentunionsuniverseuniversityuomUSUTMvacanciesVacoasVacoas Popular Multipurpose Cooperative SocietyVacoas-PhoenixVanilla Islandsvarma caseVATVeekram BhunjunvegetablesVerizonvideoVideo of the Dayvirtual realityvisaVishnu Lutchmeenaraidoovisitvivo energyvolcanowasteWaterWaterparkWeatherwest africawhatsappWhitedot Casewi-fiwikileakswindowsWMAwomenworkworkersWorkshopWorldWorld Bankwriting tipsWTOXavier-Luc DuvalyahooYasin DenmamodeyemenYEPYerrigadoogateyoutubeZambiazimbabwe
Mauritius
© 2010-2017 mega.mu