The security update that has to ensure that infected MMS messages no cause more damage to Android smartphones seems not completely waterproof. Researchers have ingeslaagd a device that was equipped with the right patch to crash by sending an infected video file via MMS
.
MMS is a multimedia text message video, sound and pictures can contain. The Stage Fright multimedia framework of Android gets this content automatically in without the user having to give this permission. By sending an infected file in this way, attackers taking control over a device. Physical access to the device is not needed, the phone number of the victim compliant.
Stage Fright flaw was announced last month, but Google had been more than 4 months notified before. The company had plenty of time for the patch, but according to the researchers, this does not. Safety Company Exodus Intelligence believes the patch gives a false sense of security because it is possible to bypass the solution.
Many security researchers doubted before or patch the problem was solved for all devices. Many manufacturers update old equipment no longer work.
Google late in a reaction to the BBC know that most Android users are protected by the security function address space layout randomisation (ASLR). According to Google this ASLR feature in more than 90 percent of Android devices activated
.
class=”clear”
No comments:
Post a Comment