Google patches Stagefright still ... stick bug
According to the study of Exodus Intelligence, righteousness security patches Google released Stagefright for Android devices still exist vulnerabilities that hackers exploit.
Nearly one billion Android devices is in danger because of security vulnerabilities Stagefright, however, even if the patch this vulnerability has been Google and the producers released to users, the problem has not been solved to.
According to the study of Exodus Intelligence, righteousness Google patches still exist vulnerabilities that hackers exploit. The company says it has conducted crash tests and make success an Android device via MP4 video file sent by MMS. It is not clear this vulnerability can be exploited to serve the implementation of the code and make remote shutdown or not.
Google also confirmed the above findings, and said that the second patch being released to users. “We sent a patch to the partners (the Android device manufacturers) to protect users. From May 9/2015, the Nexus and Nexus Player will receive 4/5/6/7/9/10 OTA updates are monthly security fixes “- Google said.
However, Google sent out is one thing, while the Android device manufacturers have the second patch update users immediately or not is still a question unanswered. Google also emphasized that on Android technology integrated Address Space Layout Randomization can help protect Android devices from attacks from Stagefright vulnerabilities.
Exodus publicize its findings less than one week after discovery. This seemingly violated “principles”: security researcher publicly only after a 30-day vulnerabilities to the service provider (in this case Google) have developed time patch. But Exodus says on his blog that they see new vulnerabilities are part of capital Stagefright has appeared more than 120 days ago.
Google patches Stagefright still … stick bug was originally published on