In the world of Android, Stagefright security flaw is not a new thing. It has existed for years now and Android OEMs and Google have been actively patching it for quite sometime. Infact, Google promises monthly security updates with its Nexus line of devices which fixes Stagefright in its early stages – but not anymore.
Now security researchers at NorthBit have developed a Stagefright exploit, Metaphor, which compromises any Android phone reliably. In simple terms, Stagefright is an Android media library which can be exploited simply from a web browser.
Visiting any website with a malicious MPEG-4 video will crash Android’s media server. Note: Users need not playback the video. Visiting the website serves the purpose for any attacker.
Once crashed, the attacker gets the hardware data back and then the attacker can gather more data by simply sending more video files. It is a back and forth process that will eventually infect the device.
According to a report at Engadget.com, the attack sounds laborious but works quickly. Typically, it takes just 20 seconds to infect any device and Nexus 5 with stock firmware has been deemed the most effective victim.
- Lenovo k6 Power Video Review
- Bigg Boss 10 December 5 Review: Manveer Calls Swam Om ‘kachdaa’
- PM Narendra Modi Declared Winner Of TIME Magazine’s Person Of The Year – Reader’s Poll
- Paneerselvam sworn in as new Chief Minister of Tamil Nadu
- Tamil Nadu CM J Jayalalithaa Passes Away After Suffering Cardiac Arrest
- J.Jayalalithaa’s Life Journey
- Here’s Why Delhi-NCR Gets Pollution Code On Lines Of Beijing
- PM Modi Is More Interested In TRP Politics Rahul Gandhi At Congress Parliamentary Meet
- Bigg Boss 10 December 1 Review: Priyanka Jagga Succeeds In Her Divide And Rule Strategy
- Kahaani 2 Audience Reaction: Vidya Balan Starrer Thriller Gets Mixed Reviews
- Find Out What PM Modi Said About Demonetisation On LinkedIn
- Row Over West Bengal ”Military Coup” Issue Escalates: Who Said What
- Here’s How Mohammad Kaif Replied To Virender Sehwag’s Birthday Wish On Twitter
- West Bengal CM Mamata Banerjee’s Flight Reportedly Had Low Fuel: Here’s What Happened
- Reliance Jio Welcome Offer Extended Till March 31, JioMoney Launched
Google says the android devices running Marshmallow or patched with security level 1 of October 1, 2015 are protected against this stagefright vulnerability.
Google’s answer brings to highlight how few devices are running Marshmallow and also the list of devices which never saw the light of security updates.
The bottomline is that a relatively recent device will protect you against Stagefright but years-old Android devices are still at risk.