Maniben Connect

world of internet security, latest cyber security news,information,updates on technology,it job vacancies,internet security,breaches,and safeguards

Wednesday 6 January 2016

Yet another bug in Android mediaserver.(fixed by Google)

By On 13:32:00 with 0 Comment

There are some critical security patches that exist for android users, so it is advised to constantly check for updates from your vendor.

Google has recently released updates for existing vulnerabilities that affects android devices from version 4.4.4 to 6.0.1 with some tagged as "critical"
One of the most serious vulnerability is a RCE bug in android mediaserver component.

This mediaserver is used to remotely supply multimedia content, so therfore google is actually warning that an attacker might take advantage of the actual bug to run a virus or malware inside media data files sent through numerous methods, such as internet, e-mail, surfing around, as well as MMS.

Mediaserver is really a core section of the operating system along with access to audio and video streams also having run-time rights which third party applications don't.

In case this has been heard of before, that is simply because Google has patched thirty vulnerabilities that exist in mediaserver given that Android provides security updates monthly which started in August 2015.

This mediaserver bug is also like the major vulnerability known as "stagefright" which affected as much as 95% of Android devices, which could have helped criminals to implant adware and spyware in the same way.

The Good news is that Google has effected changes to the default messaging applications, Google Hangout as well as messenger, so as to prevent automatic media processing.

Google announced that the security updates have been made available to partners since 7 December 2015.

Ever since the stagefright vulnerability, Vendors like Samsung and Google has ensured the immediate release of security fixes, but unfortunately services provides haven't released updates for every single type of Android devices that is affected by this recent set of vulnerabilities.

So therefore, it is advised that whenever you see a notification that the update is ready on your device, you need to accept it  as well as upgrade it to the latest version of Andrioid as recommended by Google.

And also until this security update is applied, you should be extremely cautious about downloading or playing media files.

Do not accept media messages coming from unidentified senders and also ensure that the you turn-off the Automatically retrieve MMS messages.
Tags:

0 comments:

Post a Comment