Android is the most popular and mostly used mobile operating system due to its openness and many other features. Last year there has been a vulnerability that puts almost major Android devices at stake in the name of #Stagefright. Recently there has been another bug related to that was found.
Actually there has been another vulnerability dubbed as #Stagefright 2.0 puts many devices at risk. Now the vulnerability has been dubbed as #Metaphor and it also exploits the old Stagefright vulnerability.
Stagefright is the core component in Android devices that has been used in playing the multimedia contents in the device the new #Metaphor vulnerability works as follows
1. Tricks the user to navigate to the vulnerable page
2. Get the device info
3. Send the malware with payload to get more information about the device.
The vulnerability is due to the Address Space Layout Randomization (ASLR) that is to be the main component in security of the devices.
The new vulnerability puts millions of devices at risk and the detailed report can be found here.
P.S: The post is to create awareness and not to be misused.
No comments:
Post a Comment