Android’s Stagefright framework flaw puts million users at risk
Zimperium security company announced the existence of a bug in the Android OS from version 2.2 to version 5.1.1_r4, 95% of Android devices - an estimated 950 million devices, which allows the remote execution of arbitrary code on any Android phone not patched. This vulnerability known as Stagefright, name of the library where the error lies, has been communicated to Google through a "Responsible Disclosure". However due to the fragmentation of the operating system, the number of terminals that do not receive the corresponding update will be high.
References:
- 27/07/2015 zimperium.com The Biggest Splash at BlackHat and DEFCON 2015
- 27/07/2015 zimperium.com Experts Found a Unicorn in the Heart of Android
- 27/07/2015 wired.co.uk 'Stagefright' Android bug is the 'worst ever discovered'
- 27/07/2015 osi.es Un MMS podría robarte información de tu móvil Android
- 28/07/2015 welivesecurity.com Stagefright: comprometiendo Android con solo un mensaje
- 28/07/2015 cert.org Android Stagefright contains multiple vulnerabilities
Tags: