The company Israeli software NorthBit has discovered a new security flaw that could leave up to 275 million Android devices liable to be ‘hacked’ remotely reports the portal Devs Lab.
the company has located a new ‘exploit’ (program or code that exploits a vulnerability of a system for unwanted same behavior), named Metaphor, that attacks the multimedia player software used by Android, called Stagefright, which processes files such as images or video sent to the device even before the user opens the message.
Metaphor is able to evade sometimes to ASLR mechanism or ‘address space layout randomization’ (layout randomization address space), a defense technique for mitigating ‘exploits’.
According detailed the company, the attack is effective against Android versions 2.2 to 4.0 and Android versions 5.0 and 5.1. In addition, stressed that works best on Nexus 5 device and appears effective with some modifications to the HTC One, G3 LG and S5 Samsung.
It was believed that this recurrent related vulnerability Stagefright and it had been patched by Google. Last July expert specializing in cybersecurity Zimperium company warned that hackers could hack into a device by simply sending a text message to the ‘malware’ will take possession of it with the ‘help’ of Stagefright. Subsequently, in October, it was discovered another ‘exploit’ that allowed remote execution of malicious code through the .mp3 and .mp4 files.
No comments:
Post a Comment