Last year we wrote here at Computerworld.nl that many panic malware to Android in fact often is FUD. The measures AV vendors offer are pretty redundant: there is little to no heuristics and there are black made lists – something Google itself does. Android grabs in the same way as an antivirus app through its own Play Services
.
In addition, the operating system is set up so that processes run separately from the low levels and apps are not in each other’s data should be allowed. (Incidentally, while this approach also ensures that AV can not intervene deeply and above all provide warnings.) We therefore argued that there are three reasons why Android malware actually was not a problem on the aircraft. But the past year two of those reasons have been killed and the third is shaken.
Because of its popularity Android is an attractive target for malware authors and we see disturbing trends which demonstrate that real Android viruses are nearby. Let’s look at these devious methods and immediately see how Google a miserable year protection can still occur. You bet that behind the scenes working on it.
You can write a trojan, but it must be delivered to the device and you need an opening. Failing that rogue apps are distributed via appwinkels, where users are actually the exploits themselves. Now and then there is a vulnerability in the operating system, allowing criminals malware can fire automatically on the OS. It is up to Google and manufacturers to close these gaps on the double.
Because of this, the Stage Fright bug so disturbing. A hole like this provides a mass opening where malware can crawl through. What is even scarier to this bug is that it is a garbage collecting factual error that occurs without question in several libraries. This particular example is salient, because you can appeal it through playing rogue multimedia content – the example of a malicious MMS’je is often cited
But such an exploit could be addressed theoretically by any app use. makes this library in order to load videos. It is no surprise that this month new Stage Fright bugs have surfaced: the memory cleanup problem is a fundamental issue that we logically go back more often and see not only in engine Stage Fright. Meanwhile pops same problem with audio files that are addressed by the multimedia engine
Even in the best case scenario where only find the good guys bugs, there is a second issue:. Google has a problem with rolling out patches. It is a very good sign that manufacturers and Google now collaborate better to push patches to multiple stations, but bad weather signs are that despite contain high-end devices on the market today that Stage Fright vulnerabilities. Means something that criminals do not have its own zero days: they can create exploits for unpatched holes
Next: The second and third obstacles are being removed by ad makers – and criminals learn from this. .
No comments:
Post a Comment