In the world of Android, Stagefright security flaw is not a new thing. It has existed for years now and Android OEMs and Google have been actively patching it for quite sometime. Infact, Google promises monthly security updates with its Nexus line of devices which fixes Stagefright in its early stages – but not anymore.
Now security researchers at NorthBit have developed a Stagefright exploit, Metaphor, which compromises any Android phone reliably. In simple terms, Stagefright is an Android media library which can be exploited simply from a web browser.
Visiting any website with a malicious MPEG-4 video will crash Android’s media server. Note: Users need not playback the video. Visiting the website serves the purpose for any attacker.
- Bigg Boss 10 Day 3 Review: Celebs Fail To Do Well in First Task
- Airtel Offers 10GB Data At Rs 259 For New 4G Smartphone Users
- Aamir Khan Starrer Dangal’s Trailer Launched: First Impressions
- TMC Supporters Attack BJP Leader Babul Supriyo
- Sri Lankan Navy Apprehends 20 Indian Fishermen
- Hillary Clinton accuses Donald Trump of being Vladimir Putin’s ‘puppet’
- Senior UP Congress Leader Rita Bahuguna Joshi Joins BJP
- Missing JNU Student: VC Gives Ultimatum To Students Over ‘Illegal Confinement’
- US Presidential Debate: Donald Trump Calls Hillary Clinton ‘A Nasty Woman’
- Hasselblad True Zoom Mod Review
- Honor 8 First Look Video
- Apple Watch 2: Review, Price And Features
- Delhi HC Dismisses Kejriwal’s Plea For Stay In Criminal Defamation Case
- Gulzar Shares An Interesting Anecdote Behind The Lyrics of ‘Humne Dekhi Hai’ Song
- Diya Mirza Displays Her Painting Skills At An Art Festival In Mumbai
Once crashed, the attacker gets the hardware data back and then the attacker can gather more data by simply sending more video files. It is a back and forth process that will eventually infect the device.
According to a report at Engadget.com, the attack sounds laborious but works quickly. Typically, it takes just 20 seconds to infect any device and Nexus 5 with stock firmware has been deemed the most effective victim.
Google says the android devices running Marshmallow or patched with security level 1 of October 1, 2015 are protected against this stagefright vulnerability.
Google’s answer brings to highlight how few devices are running Marshmallow and also the list of devices which never saw the light of security updates.
The bottomline is that a relatively recent device will protect you against Stagefright but years-old Android devices are still at risk.