Securing phone with password lock is not anything new; however, the latest flaw in Android edition phone is that it provides an easy access to hack phone passwords. (Photo : YouTube)
Google's monthly bug hunt discovered and patched 23 bugs on the Android platform. One of these bugs is a strain of the Stagefright vulnerability. On the other hand, seven other flaws were tagged as critical as it allow hackers to remotely control an infected device by sending multimedia messages or emails.
According to Forbes, the Google Chrome security team were able to find six bugs in Android's mediaserver component. This component is tasked of processing media files. Much of Android's services rely on mediaserver, like MMS messaging and browser video and music playback. The exploit is somewhat similar to the original Stagefright wherein hackers can take advantage of the vulnerability and access a users' video and audio stream, possibly, through a single text message.
Another critical bug discovered was in the libutils library. Libutils is a core part of the Android operating system. This library was exploited in the recently disclosed Stagefright 2 vulnerabilities. Just like the mediaserver vulnerability, hackers can exploit loopholes in the libutils library and can gain access to users' audio and video files. The vulnerability was first reported by Copperhead Security on Aug. 3.
In this month's Android security patch, 16 other bugs were fix. One bug was associated with the Stagefright vulnerability was rated high. Google said that the bug could have received a critical rating but there is a little possibility that the vulnerability could be exploited remotely, thus receiving the high rating.
According to Threat Post, Google has already notified its partners about the vulnerabilities. Tech giants like LG and Samsung have committed to regularly updating their devices in order to eliminate the lag time between disclosure of the vulnerabilities and the release of the patch.
