Bad Google! That is not how you patch
Subject: General Tech | August 14, 2015 - 12:56 PM | Jeremy Hellstrom
Tagged: google, stagefright, Android, security
So it would seem that the patch which Google rolled out and carriers have been pushing OTA is not going to be the last that we hear of Stagefright as the patch is not all that effective. Stagefright is a vulnerability present on all 950 million devices running Android 2.2 to 5.1 and allows certain MMS to be able to execute code on your mobile device. The recently released patch does not completely ameliorate this vulnerability, an MMS can still cause the library to crash, most likely just preventing you from using the application but possibly allowing other attacks to occur.
Also of note is the monthly Android patches that Google is providing to various phone manufacturers who are supposed to be pushing them out. As many Android users will have noticed, up to and including the staff at The Register, you may not have seen the flawed patch yet, let alone the update for the patch.
"Google's security update to fix the Stagefright vulnerability in millions of Android smartphones is buggy – and a new patch is needed.
Here is some more Tech News from around the web:
- Full duplex! Bristol boffins demo Tx and Rx on the same frequency AT THE SAME TIME @ The Register
- Oracle claims Google has used Android to 'destroy' the Java market @ The Inquirer
- Automating Processes with Chef @ Linux.com
- NSA: Here’s $300,000, people. Go build us a safer Internet of Things @ The Register
- Win a stunning Deepcool Tristellar case, 750W PSU and Liquid Cooler @ Kitguru