Android Security has become even more vulnerable to Stagefright 2.0 thanks Zimperium, a mobile security company who revealed that this new exploits can haunt even more Android phones than it's original (Stagefright).
Ok, let's bring you upto speed, there's this virus/bug/exploiting app called Stagefright, it is a remotely exploitable software bug that affects versions 2.2 ("Froyo") and newer of the Android operating system. It allows an attacker to perform arbitrary operations on the victim device through remote code execution and privilege escalation. Security researchers demonstrate the bug with a proof of concept that sends specially crafted MMS messages to the victim device and in most cases requires no end-user actions upon message reception to succeed, while using the phone number as the only target information. (Via Wikipedia).
Now Stagefright 2.0 is out and it's even worse, it targets Android phones running 1.0 and up (over 1.4 Billlion people could be vulnerable), and what this does is that it can exploit your phone via web browser unlike it's predecessor that uses MMS (so be careful of shared links).
Google and other tech giants are already rolling out new updates that'll patch this exploits, we also learnt Google has patched the previous bug(Stagefright) in their latest update.
One of the major reason why people get vulnerable is that they don't like to update, they tend to wait for FREE wifi to update their OS because updates are usually high in bytes. Like a Samsung Galaxy J7 i was with few days ago, it had an update and it's about 329mb, the user didn't want to update using her own mobile data but if you take security seriously, you will update.
The good news now is that Google said it will issue a patch for the new Stagefright exploit this month (October) which was yesterday.
Ok, let's bring you upto speed, there's this virus/bug/exploiting app called Stagefright, it is a remotely exploitable software bug that affects versions 2.2 ("Froyo") and newer of the Android operating system. It allows an attacker to perform arbitrary operations on the victim device through remote code execution and privilege escalation. Security researchers demonstrate the bug with a proof of concept that sends specially crafted MMS messages to the victim device and in most cases requires no end-user actions upon message reception to succeed, while using the phone number as the only target information. (Via Wikipedia).
Now Stagefright 2.0 is out and it's even worse, it targets Android phones running 1.0 and up (over 1.4 Billlion people could be vulnerable), and what this does is that it can exploit your phone via web browser unlike it's predecessor that uses MMS (so be careful of shared links).
Google and other tech giants are already rolling out new updates that'll patch this exploits, we also learnt Google has patched the previous bug(Stagefright) in their latest update.
One of the major reason why people get vulnerable is that they don't like to update, they tend to wait for FREE wifi to update their OS because updates are usually high in bytes. Like a Samsung Galaxy J7 i was with few days ago, it had an update and it's about 329mb, the user didn't want to update using her own mobile data but if you take security seriously, you will update.
The good news now is that Google said it will issue a patch for the new Stagefright exploit this month (October) which was yesterday.
"As announced in August, Android is using a monthly security update process. Issues including the ones Zimperium reported, will be patched in the October Monthly Security Update for Android rolling out Monday, October 5th."
src: techInsider
