A new StageFright threatens the security of Android users

Hexamob | Alberto Mulas 10/3/2015

The mobile security company Zimperium is in the headlines again. It has found another security flaw, dubbed StageFright 2.0, which probably affects all Android devices, according to information from Ars Technica.

These new vulnerabilities allow attackers to run malicious code on affected devices. They stem from two bugs that are triggered when specially crafted MP3 and MP4 files are processed.

According to the Zimperium report, “the vulnerability lies in processing the metadata within files, so even previewing the song or video (infected) could trigger the issue. Because the primary attack via MMS was removed in newer versions of Google applications and Google Hangouts Messenger, the most likely way to get the attack could be the web browser”.

The StageFright 2.0 vulnerability lies in two libraries called ‘libutils’ and ‘libstagefright’, which handle the processing of multimedia files. The first is found in every Android version from 1.0 onwards, and the concern is that even newer devices could be affected, depending on third-party applications and the factory settings of each device. According to Zimperium, there are three very likely scenarios for victims.

  1. The attacker tries to convince you to visit a specific web address where the file is hosted.
  2. An attacker on the same network injects their exploit through common traffic interception techniques (‘man in the middle’ attacks) into unencrypted network traffic that reaches the browser.
  3. Through third-party applications, such as media players and instant messaging apps, that use the vulnerable library.

According to the Ars Technica report, Google has commented on the matter and says that this new wave of StageFright bugs will be fixed with an update to be released next week. Once the update is released, it will take several days to reach Nexus devices, which will already be updated to Android 6.0 Marshmallow next week, and a little longer to reach devices from other manufacturers. It must be remembered that the first gateway for attackers into our smartphones is the user, so it is important to follow basic security measures: when installing third-party applications, do not blindly trust the source they come from, and be wary when clicking on links or advertising.
