However, the code is actually only tested for Android 4.0.4 Ice Cream Sandwich, and users on Android 5.1 Lollipop or higher are for now safe from being exploited through the released code. The proof-of-concept code, which is written in Python, generates an MP4 file that creates a reverse shell to allow attackers to gain access to the microphone and camera and listen in on the user and take pictures without their knowledge. As a result of the media frenzy that ensued after Zimperium's revelation, Google promised to release monthly security updates for its line of Nexus devices. The vulnerability is found in a media library called libstagefright and allows attackers to take over a remote device simply by sending people an MMS. Stagefright was first discovered in April but only disclosed to the public in late July.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |