Tough week for Android. Trend Micro Announces discovered a new flaw that allows this time to make the non-functional phone. Earlier this week, the Stagefright case had already shaken the aura of Google. No patch is yet available.
When this flaw is exploited successfully, the phone equipped with Android becomes silent. More alerts messages over bells. Nothing. Then the phone flu, gradually and stops. The flaw “is caused by an integer overflow when the mediaserver service analyzes a MKV file. He reads the buffer memory or writing data to the NULL address when audio analysis “Trend Micro analysis.
” The vulnerability lies in the mediaserver service, which is used by for Android indexes media files that are located on the Android device. This service can not properly handle a malformed video file using the Matroska container (usually with the extension. Mkv). When the process opens a malformed MKV file, the service may crash (and with it the rest of the operating system), “said Trend Micro.
This vulnerability can be exploited by tricking a user to visit an infected website or by downloading a syphilitic her application. Android versions affected by this flaw to run Android 4.3 (Jelly Bean) to Android 5.1.1 (Lollipop).
Trend Micro discreetly informed Google in May, but the company does would not otherwise classified this vulnerability a “low priority vulnerabilities,” according to Trend Micro. Consequence: no patch has been published. Trend Micro now therefore take the lead and make public this fault, hoping that Google has the same reactivity with Stagefright. And Trend Micro certainly benefits to publicize its solutions, which of course, protect complications from Google.
No comments:
Post a Comment