An American researcher has highlighted a flaw in the operating system for smartphones or tablets operating Android. Nearly one billion devices are potentially concerned.
A simple text message or a message containing a graphic media, audio or video (MMS) and it is all personal data stored on smartphones tablets operating Android … US According to security researchers now Zimperium, the fault detected in the source code of Android Open Source Project (AOSP) threatens nearly one billion devices, 95% of mobiles circulation.
The NPR site. org says that the flaw is more serious if the user uses the default Hangouts, which deals have the video automatically without the user will need to open the MMS. “Anyone can be targeted by this type of attack, confirms Zimperium. The most dangerous is that the attacker is able to clear the MMS before the user the way. “
Once installed, which is described as” the worst malware operating systems “can create a” Trojan Horse “and take remote, total control of the smartphone: grab its data, spy on their activity, activate the webcam, microphone, check emails, etc.
Updates to implement without delay
The French site Frandroid.com states that “the flaw was found in the multimedia library Stagefright used for playing media files” and “this library that was developed in C ++ and not Java, explains the severity of the fault.”
Joshua J. Drake, researcher Zimperium behind the discovery, has shared information with Google, which amended the AOSP source code within 48 hours to provide a fix. Remains to send this patch to all manufacturers of smartphones and tablets to allow updates. And from that side, it is not won given the number of devices involved. It will nevertheless go quickly, more details about the operation of this flaw and others are expected to be announced at the Black Hat conference on August 5 in Las Vegas.
The only good news, potential hackers are, a priori, yet went on the attack. And previous Android devices to version 2.2 are not affected. All other, to the Android Version 5.x Lolliop are vulnerable. And it makes the world!
How to protect yourself?
While waiting to install a patch, Android smartphone owners can provide partial attacks by changing the settings of their terminals. He must go to “SMS / MMS” then select “menu”, “Settings” to turn off “the extraction or automatic recovery” of MMS. We can also make it impossible receiving MMS in the “Storage Settings”.
You can also disable hangout in the general settings by going to the “default mail application” tab and selecting ” mail. “
No comments:
Post a Comment