Number: IRCNE2015072581
Date: 2015/07/28
According to “cnet”, a security research company claims to have found a vulnerability baked into Android that could endanger nearly all devices running the popular mobile software.
The flaw, says researcher Zimperium, exists in the media playback tool built into Android, called Stagefright. Malicious hackers could take advantage of it by sending to an Android device a simple text message that, once received by the smartphone, would give them complete control over the handset and allow them to steal anything on it, such as credit card numbers or personal information.
So far, Zimperium told National Public Radio, the flaw has not been exploited, but in a blog post on its own website, it said that 95 percent of Android devices worldwide are vulnerable.
And that is potentially a lot of phones. In 2014, over 1 billion Android devices shipped worldwide, according to researcher Strategy Analytics, which expects the number to rise in 2015 and beyond. Zimperium called Stagefright the "mother of all Android vulnerabilities."
Zimperium said it discovered the issue in April and promptly informed Google.
A Google spokeswoman said that those intermediaries are armed with the patches they need to safeguard devices, though she did not offer specifics on which were ready to push those changes through, or when that might happen.
"The security of Android users is extremely important to us and so we responded quickly and patches have already been provided to partners that can be applied to any device," the Google spokeswoman said. "Most Android devices, including all newer devices, have multiple technologies that are designed to make exploitation more difficult. Android devices also include an application sandbox designed to protect user data and other applications on the device."
- 9