The mobile security company Zimperium has discovered which probably is the most serious security flaw in Android history, affecting all devices alike and whose fix is unlikely to reach even half of them.
Neither more nor less than 95% of the terminals with Android (from version 2.2 to the current 5.1), they are in danger and could be in control of others people quite easily. And what is worse, without the user noticing. The alarm signal is given by Zimperium and Google has been quick to admit that they do have a serious problem that affect all versions of Android. The culprit is the Stagefright library, and the terminal can be held by a third party that includes malicious code in a video that can be reached in multiple ways, especially instant messaging.
Zimperium also states that although the risk is higher in Hangouts than in the default messaging app, because Hangouts video processing for the user do not have to risk, at no time have to open the file to suffer exploit: already after receive it the smartphone is in danger. In addition, the really worrying thing is that, even though Google already received and accepted the fix sent by Zimperium itself, the problem is always the same: how to get that fix to the more than one million existing Android devices.
Google claims to have already prepared the required updates that have been sent to manufacturers to be included in the system upgrades, which together with its own Android tools (according to Google), would be sufficient to mitigate this important security error, surely the most serious in the history of Android.
But the problem with this solution is not how quickly or slowly has been performed but updates Android terminals, as hopefully, between 20% and 50% of Android devices will receive the fix. Since it affects terminals from version 2.2 of Android, it is impossible to see how it will finish in all Android devices, and how it will reach ever to have a system upgrade that may resolve this flaw.