Android releases new patch, fixes Stagefright bug

Android released a new patching today, fixing 23 vulnerabilities, which included two critical updates.

The new update includes another fix for the dreaded stagefright vulnerability, one in libutils where Stagefright 2.0 was found, and two in Android Mediaserver.  

The updates were sent out to Google Nexus devices, and will be added to the Android Open Source Project over the next 48 hours.  Google partners like Samsung received the patches in early October.

Stagefright 2.0 allows an attacker to execute malicious code on more than one billion phones running Android, and was a major threat since it was announced a week before the original October patch was made available.  

The patch also includes other bugs reported by Trend Micro, System Security Lab and Keen Team.

Android announced this Summer that they will be releasing regular updates, and this is hte fourth regularly scheduled update since then.

According to Android Central, Google as said that the “most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.”

For information on how you can prevent your organization from being breached, visit www.miltonsecurity.com or call 714-515-4011.

 

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *