Sony complicates the Android vulnerability by updating Xperia Z3

Hexamob | Alberto Mulas 09/24/2015

Stagefright is a malware for Android preceded by receiving a MMS with Trojans. Google or Samsung have already patched versions of Android to correct the problem, buy Sony just aggravate it with its last Android update.

As explained by the Italian blog HDBlog, the latest update released by Sony Xperia Z3 terminals not only do not close the vulnerability, but makes it worse. Before the upgrade, the Z3, Z3 Compact and Z3 Tablet were vulnerable to Stagefright in five of six cases. After the patch, they are vulnerable hundred percent of the time.

The worst part is probably that the update that is designed to run on Android 5.1.1 Lollipop provides no interest beyond minor adjustments content and a new icon in the preferences section. Stagefright jumped into public knowledge in July this year thanks to the work of the security firm Zimperium. The company was aware of the exploit since April, but reported to Google so that they could patch their operating system before issuing the vulnerability code.

Sony complicates the Android vulnerability by updating Xperia Z3 1

The exploit affects virtually all versions from Froyo on. To find out if your system is vulnerable you can download an application developed by ESET. In Welivesecurity they explain how to patch the terminal. Another useful point to avoid being sensitive to this attack method is to disable the “Auto Recovery” option in the advanced settings and Hangouts messages.

For the rest, we have a few minor tweaks here and there and an icon marginal reorganization of the preferences menu: the section dedicated to the customization is now included in the screen and that of the Home Page. Nothing sensational, in short; if you want, you can download the firmware for Z3 (D6603) from this link, but you can also expect the OTA.

Sony complicates the Android vulnerability by updating Xperia Z3