YIBADA

‘StageFright’ Makes Tech Companies Patch Up Security Issue

| Aug 09, 2015 01:17 AM EDT

Android by Google

Smartphone companies, Google, Samsung and LG pledge to deliver monthly security patches for their Android models.

The three corporations have agreed to send out updates for their Android based devices, because of a new flaw discovered in the Operating System called 'StageFright', exposed by Joshua Drake, Vice President at Zimperium, a security firm based in San Francisco.

StageFright, labeled by Drake as the worst flaw to be seen in the Android, is an infiltration of the open source OS that enters through the code responsible for playing videos on the phone, libStageFright, which the name was derived from, and is planted by texting a multimedia message to a person's smartphone according to Android Central.

The exploit can also be achieved without the knowledge of the user, as messaging apps autorun the script and lets hackers gain access to personal conversations, photographs and sensitive documents.

The security company explained the present vulnerability to Google in April, allowing it to fix the problem in time. Google has secured the bug, but some smartphones are not getting the update because their manufacturers have yet to send the users updates because of the minor differences in each company's Android system, Engadget reports.

In a statement by Google Lead Android Engineer, Adrian Ludwig, he explains that multiple layers of security have been incorporated in the operation of the phone to keep hackers from exploiting another person phone.

Address Space Layout Randomization, a background service that exists in most of the active smartphones, is another safeguard against the attacks.

The vulnerability affects smartphones with Android Versions higher than 2.0 and exist in almost a billion devices.

The details of this hack was discussed further in early August at Las Vegas during the BlackHat conference.

Related News

Most Popular

EDITOR'S PICK