Joshua DrakefromZimperium Mobile Securitydiscovered six + one critical vulnerabilities in the native media playback engine called Stagefright.
He calls this weaknesses Mother of all Android Vulnerabilities.
Stagefrightis a native media playback tool used by Android and all these weaknesses reside in it.
(Image credits :Securityaffairs)
Even the humble Bluetooth radio can also be hacked via Stagefright.
Depending on the MMS tool in use, the victim might never know they had even received a message.
Drake will give the full disclosure along with Proof of Concept at Def Con on 6th August.
The following design chart explains the working of Stagefright
Further, Google assured Drake that all future Android versions will be released pre-patched against these vulnerabilities.
Particularly the smaller manufacturers who make localised Android smartphones.
All devices should be assumed to be vulnerable, Drake told Forbes.
Drake says that only Android phones below version 2.2 are not affected by this particular vulnerability.
source: www.techworm.net
