The Hacker News Logo
Subscribe to Newsletter

Google releases Security Patch for Android Stagefright 2.0 Vulnerability

Android-Stagefright
Google reportedly fixed the latest round of Stagefright vulnerabilities in Android, pushing its latest over-the-air (OTA) update to Nexus devices.

Last week, researchers warned of Stagefright 2.0 vulnerability that affected more than one Billion Android devices dating back to the latest versions of the Android operating system.

The Stagefright bugs allowed hackers to take control of affected Android devices by sending a malicious audio or video file.

In April, Zimperium researchers disclosed the first Stagefright vulnerability that allowed hackers to hijack any Android smartphones with just a simple text message (exploit code).

As promised, Google on Monday pushed a patch that fixes the holes in Stagefright media playback engine used by Android to process, record and play multimedia files such as PDFs.

The patch fixes 30 vulnerabilities in total, which includes:
  • 14 critical vulnerabilities in Stagefright library
  • 5 Remote Code Execution bugs
  • 8 Elevation of Privilege bugs
  • 2 Denial of Service Vulnerabilities in Mediaserver
Despite the disclosure of the vulnerabilities, Google said that the company had "no reports of active customer exploitation of these newly reported issues."

HTC devices will probably have to wait to receive the patch, as indicates a tweet by CEO Jason Mackenzie.

Nexus devices have already received the patch through OTA update, but it is still unclear how long it will take for Samsung and LG to release the patch for their respective flagships.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.