A New Stagefright Vulnerability Has Been Discovered And This Time It Looks Even Scarier

12:41 Wed, 28 Jul 2021

It seems the Stagefright storm hasn't quite passed after all. As most of you might remember, a few months ago a scary vulnerability in one of Android's core multimedia libraries was uncovered and found to affect almost every device powered by Google's OS, going as far back as 2.2 Froyo. Since then, there have been no reports of an actual exploit utilizing the bug, but, naturally, it gave the whole industry quite a scare, triggering a quick reaction from many OEMs like Motorola and Samsung, who issued emergency fixes.

Just when we thought the trouble had passed, Zimperium, the same security company that shed light on the initial vulnerability, now warns of two new bugs that have been found in the very same Android Stagefright component. According to the official description, the new pair of vulnerabilities can be exploited with specially crafted MP3 and MP4 files. The first is found in a function within libutils and could impact nearly any Android build, going as far back as Android 1.0. The second one, however, might be even more frightening, as it relates to a hole in libstagefright and allows for injecting malicious code and gaining root access on devices running Android 5.0 Lollipop and up.

This new announcement seems to render a large chunk of the existing Stagefright emergency patches powerless and is troubling, since we were left with the impression that no recent builds of Android would be affected any more. The existing measures, however, are far from useless, as they seem to have patched the previous MMS delivery method almost completely. If a hacker were to utilize these new vulnerabilities, it would theoretically have to be through the Web browser, either by means of phishing, malicious apps and ads, or even a man-in-the-middle attack if the devices are on the same network.

Now that we are all sufficiently scared, here's the good news. First and foremost, like the original Stagefright vulnerability, it is unlikely that this new batch will ever be used in an actual exploit, especially since Joshua J. Drake of Zimperium, largely responsible for uncovering the issues, has decided to be extra cautious this time around and not share a proof-of-concept exploit for this new vulnerability with the general public. Even the company's original Stagefright detector app will receive an update to pick up the new threat only after Google has developed a patch.

All things considered, we, as end-users, shouldn't really feel worried at this point.
