A new flaw in Android was announced on Monday (17) by Trend Micro computer security company. According to the company, the bug allows an unauthorized malicious application to perform sensitive actions privacy, as record videos, take pictures and read MP4 files. The process is the same as Stagefright bug that leaves Hangouts vulnerable to hacker attacks on Android.
New bug hack allows Android devices using apps
manufacturers
The new problem in AudioEffect a mediacenter component that can not accurately process the size of buffers sent by other applications. As the buffer value is set by the client, this allows a program that does not require authorizations explore failure, jeopardizing the
device
In this way, the malicious application would gain access to the same actions allowed to mediacenter, taking pictures, watch and record videos. The program can also be written to exploit the flaw only after a certain time, remaining “asleep” after being downloaded to appear to be harmless.
Removing Android virus? Discover the TechTudo Forum
According to the response engineer mobile threats Trend Micro, Wish Wu, this can hinder the detection of compromised programs. The developer also said it had not found evidence that the flaw is being exploited in any kind of coup.
The problem affects versions 2.3 to 5.1.1 of Android. It was discovered in June but Trend Micro waited until the Google disclose a correction to advertise it. Although the solution has already been found, it is not yet available to end users, they should expect updates of manufacturers.
Via Trend Micro, The Guardian and PC World
No comments:
Post a Comment