Android vulnerability in the execution of mp3 and mp4 put up one billion devices at risk – Leak

 

 
                         
 

                         
 
                         

                                         
                                                 
                                         
                                                 
                                         
 
                         

 
 

Thursday, October 1, 2015 12:39 pm > 9k

 

 

Tell your friends …

Continue to follow up reports of vulnerabilities in Android and more Recent gives failure to account on how the operating system handles MP3 and MP4 files, which allows the execution of malicious code from websites

. According to investigators the Zimperium, the problem arises when any app uses the Media libraries Android to preview these audio or video content, and recalls the problem also detected by Zimperium in libraria Stagefright.

The vulnerability, this time located in “libutils” and affects all Android versions prior to Android 5.0, but can be exploited in Android latest Lollipop, traveled together with a new bug in Stagefright

.

The good news is that the scanning vector via MMS has been corrected after the knowledge of Stagefright vulnerability, but the bad news say now just take the user to have to click on malicious links in emails or malicious advertisements on legitimate sites, and hackers able to intercept communications on open networks can inject code directly in traffic

. Finally, multimedia apps that make use of the libutils to read metadata about media files, too could be explored

.

The solution

Google is informed of vulnerabilities, which received the CVE-2015-3876 and CVE-2015-6602 codes, and will release a fix start on Saturday 05 October, and has shared solutions to manufacturers smartphone

. The whole thing may not end up here because following the first major vulnerability found in Stagefright, the attentions of hackers and security companies concentrated if in multimedia libraries of the Android system and various problems have been reported, although variable dimension. It is therefore expected that new vulnerabilities can still be found

.

Tags:

• android
• malware
• Segurança
• stagefright
• vulnerabilidades

Popular Posts

• 

  Facebook tests app similar to Snapchat – Diário de Notícias – Lisbon

  The Messenger Day will allow you to send photos, videos, and stickers that disappear in 24 hours, such as Snapchat After the Instagram ...
• 

  Kinematic PS VR works with other consoles and PC – Eurogamer.en

  Despite the PlayStation VR will not be compatible with other devices such as PC, Xbox One and Wii U, the new virtual reality helmet from ...
• 

  Adidas Launches Smart Watch with GPS and monitor heartbeat - Globo.com

  The market for smart watches just won a novelty. Adidas announced on Wednesday (16) one smartwatch for runners with GPS tracking and he...
• 

  Health Line 24 will investigate fake calls on day of strike ... - The Associated Press

  company administrator who manages the Health Line 24 revealed that half of the workers did not attend Saturday’s service, without any pri...
• 

  The universe may have far more galaxies than previously thought – EXAME.com

  Sao Paulo – A study conducted over the past 15 years promises to shake up what scientists know about the universe . The research states...
• 

  Take the Galaxy Note 7 the U.S. plane yields a fine of$ 180 and even imprisonment – Globo.com

  The United States government began to consider a federal crime the act of boarding airplanes within the country carrying a Galaxy Note 7...
• 

  Erica Fontes was the most searched on Google in Portugal - Economic

  Erica Fontes, House of Secrets, Benfica, Chocolate Cake and Social Security are the most popular. Throughout 2013, the Portuguese wa...
• 

  How to stream videos from Facebook to iPhone with the Chromecast – Globo.com

  Facebook has released a function that allows you to watch the videos in the feed directly on the TV. When playing back a content in the ...
• 

  The Pornhub decided to join the virtual reality – Pplware

  The world of virtual reality is becoming more real. After being introduced several systems for VR content viewing, it’s time these begin to...
• 

  iPhone 7: did you Know that the iOS 10 has an alternative to the home button? – EN official Journal of the

  The home button has always been of the things that broke in all versions of the iPhone, without exception. After so many complaint...

Blog Archive

• ►  2016 (1470)
  • ►  October (110)
  • ►  September (146)
  • ►  August (185)
  • ►  July (163)
  • ►  June (117)
  • ►  May (132)
  • ►  April (144)
  • ►  March (170)
  • ►  February (162)
  • ►  January (141)

• ▼  2015 (2053)
  • ►  December (124)
  • ►  November (159)
  • ▼  October (171)
    • Subscribe to experience the PlayStation VR in Lisb...
    • Pedro Cabrita Reis rides home in Coimbra – publico
    • Chrome OS and Android will merge – AndroidGeek
    • Pedro Cabrita Reis rides home in Coimbra – publico
    • Biennial of Contemporary Art Coimbra starts today ...
    • Google prepares merger between Chrome OS and Andro...
    • These are the Games with Gold November – VideoGame...
    • Chrome unified OS with Android? – PT Journal
    • Google wants to bring Chrome and Android – Tech & Net
    • Here’s Gear S2, the new Samsung smart watch, now o...
    • IOS updates can disconnect alarm iPhone – Jornal d...
    • Lisbon gets Gear Studio S2 from Samsung – CA News
    • In Portugal 23% of companies were the target of an...
    • 23% of Portuguese companies targeted by cyber atta...
    • A quarter of domestic companies was targeted cyber...
    • Microsoft announced to the 12th November to integr...
    • Deco contests IMI discount only for some families ...
    • Rosetta detected oxygen molecules in comet 67P – p...
    • Oxygen detected for the first time a comet – Digit...
    • Season Pass is only available in PC versions, PS4 ...
    • Porsche Macan wins GTS version – Turbo
    • iPhone China conquest and shoots profits from Appl...
    • Nissan calls to review 59,000 cars a problem in th...
    • Xbox One changes to the Windows 10 wins and backwa...
    • Attend the Sony conference at BGamer – GameOver
    • One gets the Xbox backward compatibility November ...
    • Check out the subtitled trailer for Jessica Jones,...
    • Minicom sets out to mediate an agreement between t...
    • Asteroid passes near Earth on Halloween night – TVI24
    • Microsoft ‘hide’ Xbox sales number. I wonder why? ...
    • Sony is not already developing games for the PlayS...
    • Couple sues Apple in US $ 5 million by problems wi...
    • Simulation shows black hole swallowing a star to p...
    • Black hole swallows star. – Real Time
    • Mark Zuckerberg makes speech in Mandarin at univer...
    • Call of Duty: Black Ops 3 will have 12 multi maps ...
    • At this time, the studios Sony are not developing ...
    • Sony will be to leave the PS Vita? – PT Journal
    • Windows 10 will receive a major upgrade in Novembe...
    • President of the Press Portuguese Association lead...
    • Operators were reported to block 51 pirate sites –...
    • Facebook uses more battery on iPhone – Correio da ...
    • End of First-Party Titles: Is Sony to abandon PS V...
    • Sony is not developing first-party games for PS Vi...
    • First-Party production for PS Vita come to an end,...
    • IGAC obliges operators to block pirate sites – The...
    • Facebook application in iOS will consume less batt...
    • App Facebook is depleting the battery of your mobi...
    • Major update of Windows 10 should be released in N...
    • Audi RS6 Avant and RS7 Sportback now with even mor...
    • It is Christmas: low price Sony PlayStation 4 – Te...
    • Google opens applications 150 million in grants fo...
    • Workers of the factory that makes iPhone in China ...
    • Sherlock Holmes: The Devil’s Daughter announced – ...
    • PlayStation 4 with reduced price thinking about Ch...
    • European stores prepare even greater decline in th...
    • Amazon handles more than thousand people a false r...
    • Sony PS4 low price in Europe – publico
    • Large asteroid will pass close to Earth – Journal ...
    • Sony cuts price of PlayStation 4 in Europe – IGN P...
    • Chrome now lets you mute noisy tabs – Digital Journal
    • Apple Music paid for more than 6.5 million users –...
    • Review Uncharted: The Nathan Drake Collection – Gl...
    • It is possible to silence the browser tabs individ...
    • Flowers caffeinated “addictive” bees for pollinati...
    • 6.5 million already paid to have the Apple streami...
    • Hundreds of applications are going to be banned fr...
    • When Chrome is not Chrome: beware of this well-dis...
    • “Who are you?” – The new, longer trailer for Star ...
    • Playstation 4 can be reduced in price to € 349 thi...
    • Amazon handles more than 1,000 people a false reco...
    • State computers “imprisoned” for ransom – Daily Ne...
    • Amazon handles 1,114 users by false reviews – Jorn...
    • Hackers make state computers hostages – SAPO Tek
    • Goes a plateful of in vitro meat? – PT Journal
    • Researchers hope to commercialize in vitro meat in...
    • Procession of Trellis Coimbra postponed due to bad...
    • Mysterious star has puzzled scientists. It would b...
    • More than 40 smartphones will get Android 6.0 ‘Mar...
    • Aquaris Aquaris X5 and M10, two of the many new HR...
    • Scientists find new neurons in male worms – TVI24
    • Kepler probe has uncovered “alien superstructure” ...
    • Flash: Adobe admits security flaw in the plugin – ...
    • British High Court says the Uber can continue to o...
    • Heavenly phenomenon interpreted as extraterrestria...
    • A celestial phenomenon or extraterrestrial life, t...
    • There extraterrestrial life? Kepler senses a “mega...
    • British High Court gives reason to Uber in the pro...
    • Was it finally found extraterrestrial life? – Pplware
    • Bq event: Aquaris X5 is the debut in metallic fini...
    • Giant objects blocking the light from a star intri...
    • Scientists may have discovered the first evidence ...
    • Facebook: Bug reveals popularity of posts – EN Jou...
    • Kick Off is back and on the way to PS4 and Vita PS...
    • MB Way: the ATM on your phone – Portal Technology
    • Now you can pay for purchases with mobile phone – ...
    • Came the MB Way, the ATM without cards – TVI24
    • Matt Damon is still “Lost on Mars” – RTP
    • Apple will have to pay 760 million euros to univer...
    • New IE security flaw severe affects to the Windows...
  • ►  September (203)
  • ►  August (196)
  • ►  July (207)
  • ►  June (180)
  • ►  May (216)
  • ►  April (190)
  • ►  March (187)
  • ►  February (71)
  • ►  January (149)

• ►  2014 (1217)
  • ►  December (178)
  • ►  November (129)
  • ►  October (187)
  • ►  September (191)
  • ►  August (168)
  • ►  July (63)
  • ►  June (73)
  • ►  May (20)
  • ►  April (4)
  • ►  March (6)
  • ►  February (84)
  • ►  January (114)

• ►  2013 (950)
  • ►  December (130)
  • ►  November (114)
  • ►  October (136)
  • ►  September (144)
  • ►  August (53)
  • ►  July (86)
  • ►  June (91)
  • ►  May (142)
  • ►  April (54)

About Me

Wored1980

View my complete profile