Another day, another Android exploit. Just earlier this week, a security researcher disclosed a debilitating flaw in Android multimedia playback tool Stagefright, and now researchers at Trend Micro have discovered a new vulnerability that they claim is potentially just as destructive. According to the firm’s report, an attack leveraging the exploit could, if properly executed, render an Android device “totally silent and non-responsive.”
The vulnerability resides in mediaserver, Android’s background service responsible for indexing videos, pictures, and audio. Trend Micro says that with the right know-how, a hacker could craft a malformed Matroska (usually .mkv) container capable of crashing mediaserver — and the entire operating system, subsequently — when it attempts to process the file. Researcher Wish Wu writes in a blog post that during testing, the exploit affected devices running Android 4.3 and above — about 57 percent of all Android smartphones and tablets by Google’s last count.
In its report, Trend Micro envisions increasingly dire scenarios from missed ring tones to permanently locked phones, arising from the exploit. The researchers even theorize a malicious app could render devices inoperable by loading the malformed file at boot. But Google, which was informed of the exploit last week, is a bit more measured. “While our team is monitoring closely for potential exploitation, we’ve seen no evidence of actual exploitation,” a spokesperson told Mashable. “Should there be an actual exploit of this, the only risk to users is temporary disruption to media playback on their device.”
Ultimately, the vulnerability, while worrisome, isn’t quite as dire as the Stagefright exploit, which allows hackers to hijack and install malware on phones with a simple text message. Still, Google says it’s working on a fix. In the meantime, it suggests that anyone affected by the mediaserver bug try navigating away from the malicious website or uninstalling the misbehaving application.
- AMD is working on fixes for the reported Ryzenfall, MasterKey vulnerabilities
- A major exploit leaves every Nintendo Switch susceptible to hacking
- Is your browser mining bitcoin? ‘Malvertisements’ are hijacking Google Ads
- Hackers modify ransomware to deliver a Coinhive cryptocurrency-mining payload
- From pranks to nuclear sabotage, this is the history of malware