Tuesday, July 28, 2015

Vulnerability in the library stagefright. 950 million Android phones can break crafted MMS – dobreprogramy

So serious vulnerabilities in Android are probably not there. Error in
 used for processing multimedia library stagefright,
 which debuted in version 2.0 of Google’s system allows for
 take control of a smartphone without much effort on your part
 striker – just the victim to send MMS.

The discovery is due to Zimperium company specializing in
 security of mobile devices. Details of the attack so far not
 They were disclosed to anyone outside of Google, and Mozilla teams.
 However, we know everything already during the BlackHat conference in
 next week – and then comes to the real slaughterhouse.

The problem is that virtually any properly crafted
 media file, whether it is located in an MMS message or example.
 a malicious website or application .apk may be
 used as an attack vector. As held by Zimperium, developed
 they attack allows you to take control of the subsystems
 audio, cameras, and storage of Android, which means freedom in
 eavesdropping, spying and stealing user data. One can
 also use this vulnerability to run exploits giving
 root privileges. Then we lose control altogether over the phone.

But why just slaughter? It is estimated that susceptible to attack may
 be up to 950 million phones. In the worst situation are the users
 older versions to Android 4.3, deprived of virtually
 any protective mechanisms by exploits, which only
 It makes it easy to attack. However, even on Android 4.4, 5.0 and 5.1 attack is
 possible. The researchers showed what they had done smartphone Nexus 5,
 acting under the control of the Lollipop 5.1.1.

It is known and how it looks matter of updating
 system software for androids. Thoughtless decisions
 design, committed by Google, has led in practice to
 dropping these procedures for operators – and this means that for many
 models never any updates or patches do not appear.
 So Android is now one big security hole
 computer planet, and Google beyond the preparation and making available
 patches, virtually nothing he could do.

Now it remains only to wait for the automated attacks.
 Android users concerned about would you recommend in this situation
 immediate zrootowanie their phones (if you have not
 they did) and upload CyanogenMod, which is already resistant to this attack
 - Or buying the iPhone itself (although rumored about the new
 0-Dayu iOS-a), and BlackBerry. Phones with Canada seem
 today the most irritating of all those interested
 are wiretaps – most recently the Government of Pakistan, frustrated
 inability to breach the security of their communications services,
 telekomom ordered the blocking connections by BlackBerry Easy Grip Hackle
 Enterprise Server.

LikeTweet

No comments:

Post a Comment