New vulnerabilities discovered in Android
Two new 0day vulnerabilities have been discovered in the Google Android mobile OS, which allow attackers to execute code on a user's device using specially crafted MP3 or MP4 files. A pair of these vulnerabilities, CVE-2015-6602 and CVE-2015-3876, is of the Remote Code Executon (RCE) type and is called Stagefright 2.0, similar to the previous Stagefright vulnerabilities that Google fixed earlier in the monthly update sets [ 1 , 2 ].
Vulnerabilities are present in the Android system components with the names libutils and libstagefright , they allow the exploit to work with maximum rights on the device, gaining full control over it. This allows attackers to install malware on it and steal confidential user information.
The main attack vector using these vulnerabilities is a mobile web browser that can allow a user to play a remote media file. Such an operation is sufficient to exploit these vulnerabilities, since the original Stagefright vulnerabilities have already been closed by Google earlier and attackers cannot rely on sending MMS messages and automatically triggering an exploit. In this case, they need one way or another to lure the user to a website with malicious content. All versions of this mobile OS are vulnerable to vulnerabilities.
')
The corresponding update to fix these vulnerabilities has not yet come out, but Google promises to fix them this month, also as part of a monthly set of updates. A list of released Android security bulletins can be found at this link . We recommend users not to follow phishing links from SMS text messages or emails, and also not to visit suspicious resources on which you are invited to listen to the proposed content.
be secure.
Vulnerabilities are present in the Android system components with the names libutils and libstagefright , they allow the exploit to work with maximum rights on the device, gaining full control over it. This allows attackers to install malware on it and steal confidential user information.
The main attack vector using these vulnerabilities is a mobile web browser that can allow a user to play a remote media file. Such an operation is sufficient to exploit these vulnerabilities, since the original Stagefright vulnerabilities have already been closed by Google earlier and attackers cannot rely on sending MMS messages and automatically triggering an exploit. In this case, they need one way or another to lure the user to a website with malicious content. All versions of this mobile OS are vulnerable to vulnerabilities.
')
The corresponding update to fix these vulnerabilities has not yet come out, but Google promises to fix them this month, also as part of a monthly set of updates. A list of released Android security bulletins can be found at this link . We recommend users not to follow phishing links from SMS text messages or emails, and also not to visit suspicious resources on which you are invited to listen to the proposed content.
be secure.
Source: https://habr.com/ru/post/268101/
All Articles