The mobile security company has discovered Zimperium which probably is the security flaw in most serious in its history Android, affecting everyone equally and devices whose fix is unlikely to reach even half of them.
Every now comes news that a new vulnerability in Android , whose most dangerous aspect is the vulnerability itself, but the time it takes to be corrected, because the usual debacle in updates to the operating system Google . And this time, the vulnerability discovered is no exception, as we have seen through NPR, National Public Radio USA, with an absurdly simple execution but could potentially be very dangerous for us.
Discovered the vulnerability by Joshua Drake, a security researcher at Zimperium (a reputed mobile security), between last April and May, this would be through a short video (such as those sent daily through WhatsApp or Telegram) with malware inside, which would take advantage of the exploit in Android when reaching the smartphone victim. “It would be even before the sound of the received message. That’s what makes it so dangerous,” says Drake.
With the app Hangouts of Google, including default in many smartphones, is where you find the increased risk.
Drake also claims that although the risk is higher in Hangouts in the default messaging app, because Hangouts processes the video to users do not have to and putting at risk , at no time you have to open the file to suffer the exploit : whether to receive the smartphone is in danger. In addition, the really worrying thing is that, even though Google already received and accepted the fix sent by Drake himself, the problem is always the same: how to get this fix to more than billion existing Android devices.
That only 50% of Android devices will receive the fix maximum is enough to see that this issue of updates must be corrected .
“Being optimistic, between 20% and 50% of Android devices will receive the fix” said Drake, and this data is devastating, highlighting once again the existing uncontrolled for updated versions reach all Android alike, whose main culprit is not Google, but the OEM responsible for carrying their customized versions as well as operators that slow the process even further. As for whether we are at risk or not, Drake believes that hackers are not making use of the vulnerability , at least for now. Hopefully the producers and Google agree to reach an agreement as soon as possible, because this puts us all at risk.
Recommended
No comments:
Post a Comment