Android: Discovery of two significant flaws in a week

This is the second time this week that the mobile operating system Android made about him to the discovery of a major fault.

See This : All tracked by Google Maps ?

The first flaw was discovered on Android in early week and allowed to take remote control of 95% of Android smartphones. This weekend, there is a second flaw, making it non-functional phone. Tough week for Android!

Two major flaws in less than a week for Android!

We recall earlier this week of the discovery of the Stagefright hole that allowed to take full control of a remote smartphone, simply by receiving an MMS and that affected 95% of phones. Google had responded quickly by setting up a patch, even if it is still widely gaping, as manufacturers do not update smartphones including the patch.

This Friday, Trend Micro has publicly disclose another flaw on Android. The IT security company had indeed warned Google in May of the existence of this vulnerability, but the Mountain View company had then ranked the flaw as “low priority vulnerability” and did nothing. Yet according to Trend Micro, the second flaw of the week would make it nonfunctional phone, first losing a message alert, then ring tones, finally becoming completely silent and no longer work.

Versions of Android 4.3 (Jelly Bean) to Android 5.1.1 (Lollipop) affected

The computer security expert explained that the vulnerability ” is caused by an integer overflow when the mediaserver service analyzes an MKV file. He reads the buffer memory or writing data to the NULL address when analyzing audio data . ” Trend Micro continued his explanation by saying: ” The vulnerability lies in the mediaserver service, which is used by Android for index media files that are located on the Android device. This service can not properly handle a malformed video file using the Matroska container (usually with the extension. Mkv). When the process opens a malformed MKV file, the service may crash (and with it the rest of the operating system) . “

Trend Micro has announced that the flaw can be easily exploited by hackers via a malicious or corrupted site, or through an application. Only versions of Android 4.3 (Jelly Bean) to Android 5.1.1 (Lollipop) would be affected.

Share Your Comments
Previous Install your Android everywhere with ARC Welder Chrome
Next Mobile Windows 10 may not be deployed until November

About author

You might also like