
Vulnerabilities found in Android that allow access to a smartphone via MMS

Computer security company ZIMPERIUM has discovered critical vulnerabilities in the Android kernel that allow code execution by sending an MMS message or via Google Hangout. By an approximate estimate, 95% of users of devices running Android (about 950 million people) are at risk. Most dangerous of all, the vulnerability is easy to exploit: the attacker only needs to know the victim's mobile phone number.

Joshua J. Drake (@jduck) looked into the deepest corners of the Android kernel code and found 7 critical vulnerabilities that affect more than 95% of devices (approximately 950 million devices). Drake's report will be presented at the Black Hat USA conference on August 5 and at CON 23 on August 7. Many methods of remote code execution were found, the worst of which require no user interaction.

The attackers only need your mobile phone number, with which they can remotely execute arbitrary code through a specially crafted file delivered via MMS. To make the attack more successful and covert, the message can be deleted before the user notices it. These vulnerabilities are extremely dangerous because they do not require the victim to take any action, unlike phishing, where the user must open a file or link.

These screenshots were taken on a Nexus 5 running the latest version, Android 5.1.1.



Devices running Android from version 2.2 to version 4.1 are affected.

List of registered CVEs:

  1. CVE-2015-1538
  2. CVE-2015-1539
  3. CVE-2015-3824
  4. CVE-2015-3826
  5. CVE-2015-3827
  6. CVE-2015-3828
  7. CVE-2015-3829


Google released a fix for these bugs within a few hours, but the problem is complicated by the fact that fixing these vulnerabilities requires a firmware update, and firmware is released by device manufacturers, as a rule only for newer models.

Source: https://habr.com/ru/post/263759/

