Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Fully Functional Exploit for Stagefright Bug Posted for Android Devices


Zimperium a security company, during August 2015, found the Stagefright security flaw that led to the beginning of release of security updates every month starting September 2015 by Google to maintain upgraded Nexus devices.

Google tried rectifying Stagefright in September 2015, however the fix remained incomplete. This together with exploit of Stagefright 2.0 getting discovered compounded the problem that made the flaw more notorious.

The flaw an Android loophole had been accurately abused at NorthBit a software research firm in Israel, the firm's researchers claimed.

The abuse, known as Metaphor, is thoroughly explained inside a research document that NorthBit published along with displaying a film that depicted the bug getting executed on certain Nexus 5 device. Moreover according to NorthBit, a successful testing of the bug too was done on Samsung Galaxy S5, HTC One and LG G3.

Fossbytes reports that on downloading a malevolent missive, Stagefright re-configures a phone as well as makes it dispatch one unusual movie clip destined for the device even as Stagefright discloses further details regarding the handset. Dailymail.com posted this, March 21, 2016.

Thus, with the above details disclosed, a hacker may use them for compromising the device and acquiring admission into personal information while also copy data as well as utilize its camera and microphone.

NorthBit's security investigators stated they managed towards developing an exploit which could get employed against Stagefright on only versions 5.1, 5.0, 4.0 and 2.2 of Android. The exploit was created based on research by Google, NorthBit's research document stated.

Google issued one fix for Stagefright bug while gave word of routinely releasing security updates to keep check on future bugs of Android phones after Stagefright's details got published. Incidentally, written within C++, Stagefright has been found as certain software library which's built in Android's OS.

Stagefright, an accumulation of software vulnerabilities, impacts Android's OS, letting any ill-intentioned person to execute random activities on the infected iphone via executing code remotely.

NorthBit's research indicates another technique for cracking ASLR by exposing details through media-server. There are enough details in the company's research document for skilled hackers towards completing one wholly functional as also reliable exploit.

ยป SPAMfighter News - 3/29/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next