Fourth Android vulnerability detected; Is it safe to use?

One after another vulnerability in Android has raised
various questions about its safety. Android users are now, thinking is it safe
to use or not?
Researchers from Trend Micro, a security firm, have
uncovered yet another Android mediaserver vulnerability in its versions 2.3 to
5.1.1, which they have said, could allow attackers to run their code with the
same permissions that the mediaserver program already has as part of its normal
routines.
However, Google has patched the vulnerability via the
Android Open Source Project (AOSP).
According to the researchers, the vulnerability comes with
the AudioEffect, a component of the mediaserver program. It uses an unchecked
variable which comes from the client, which is usually an app. In order to
attack, the attacker must convince the victim to install an app that doesn’t
require any required permissions, giving them a false sense of security.
“Since the mediaserver component deals with a lot of
media-related tasks including taking pictures, reading MP4 files, and recording
videos, the privacy of the victim may be at risk. Devices with customized
versions of Android but with no modification made to the mediaserver component
are also affected,” they said.
The researchers have suggested that in order to block the
threat, the Android users can download Trend Micro Mobile Security (TMMS),
which can detect threats trying to use this vulnerability and running any of
the scenarios presented. They can also reboot their device using safe mode to
uninstall the malicious app.
“We also recommend that device manufacturers patch their
devices regularly to prevent their users from suffering from attacks that use
this vulnerability,” they explained.
 It is said that the
new flaw is quite similar to those three other major vulnerabilities in
Android’s mediaserver component that detected recently. CVE-2015-3823 could
allow attackers to trap phones in endless reboots and ANDROID-21296336 may
render devices silent. Lastly, CVE-2015-3824 dubbed Stagefright can be used to
install malware through a multimedia message.

Leave a Reply