It is a usual thing that a new vulnerability will be discovered and the company will patch them. Now two vulnerabilities has been targeted towards Android and it has put around 1 Billion devices at risk.
Android latest version is 5.1.1 and is used by many number of users and of course there are also people who are using lower versions of Android also due to the hardware configuration and some backward compatibility issues.
Few weeks earlier a security researcher discovered a vulnerability in the name of #Stagefright and now it is similar to the updated version of the same vulnerability.
The two vulnerabilities are listed under #CVE-2016-6602 and #CVE-2016-3876 also resides in the media playback engine called #Stagefright and the amazing fact is that it affects all versions from Android 1 to 5.1.1.
The old vulnerability can be triggered by a simple text message but the staegefright 2.0 can be invoked by the following ways
Man in the Middle
Web Page
Instant Messaging app
Third party media player.
Google scheduled its security update on 5 October 2015 which will address all the security loopholes and the same has been shared with the Android device manufacturers and the users can also expect the patch from the manufacturers.
The security researcher who discovered the bugs said that he will release the proof of concept and the exploit code once the patch has been released by Google.
P.S : The post is to create awareness and not to be misused.
No comments:
Post a Comment