Home  ›  News  ›

Stagefright Bug Returns for Sequel Thanks to MP3 Flaw

Article Comments  

Oct 2, 2015, 4:02 PM   by Eric M. Zeman

Google may have issued several patches to plug the security hole known as Stagefright, but the bug is back thanks to a newly-discovered vulnerability in MP3 and MP4 files. Zimperium Labs, which discovered the first version of Stagefright in April, says phones tricked into running specially crafted audio/video files can be taken over remotely. Zimperium suggests phones could be attacked by simply previewing the MP3 or MP4 files in a browser, which makes for a fairly easy way for hackers to gain access. The bug makes use of two vulnerabilities, one affecting Android 1.x - 4.x, and another affecting devices running Android 5.0 and up. The vulnerability can lead to remote code execution, which can then be used to commandeer the phone. Zimperium Labs has reported the issue to Google, which has already assigned a case number to the first vulnerability. Earlier this year, Google said it would begin issuing security patches outside of full system updates. Google hasn't said when it will offer a fix for this new bug.


more news about:



This forum is closed.

This forum is closed.

No messages

Page  1  of 1

Subscribe to news & reviews with RSS Follow @phonescoop on Threads Follow @phonescoop on Mastodon Phone Scoop on Facebook Follow on Instagram



All content Copyright 2001-2024 Phone Factor, LLC. All Rights Reserved.
Content on this site may not be copied or republished without formal permission.