
New Flaw Discovered Inside Android’s Mediaserver

August 18, 2015 - Written By Ricardo Trevizo

Android was recently discovered to be susceptible to some rather severe malicious attacks due to design flaws in one of the system’s core elements, the one in charge of processing multimedia files. Earlier this month, Android was heavily criticized for the so-called Stagefright exploit, a serious issue that allowed a simple MMS message to trigger remote code execution that could turn on video recording or even send your media files to a cyber criminal. Unfortunately for Android users, that’s not the only exploit that has been found in the poorly designed service that processes multimedia files, better known as the mediaserver component. Just yesterday, Trend Micro made public another exploit found in that component, one that could silently give rogue applications unrestricted access to the most delicate permissions inside Android.

Trend Micro is a company dedicated to digital security, and as one of the global leaders in the area, it is thoroughly committed to the overall safety of its numerous clients around the world. The latest vulnerability the company found in Android’s mediaserver component comes from a built-in feature of the mobile operating system called AudioEffect: it basically does not check several buffer sizes supplied by third-party clients such as media player applications, making it possible for a cyber criminal to target your device with a rogue app and trigger a heap overflow. With this exploit, the installed rogue application wouldn’t seem to require any unnecessary or serious permissions, which creates a false sense of security for the victim.

Through the use of a specially designed malicious app, an attacker could compromise most of a user’s media while also being able to record video and take pictures with relative ease. The flaw affects all Android versions from 2.3 Gingerbread to 5.1.1 Lollipop, which adds up to an incredibly large number of devices, as virtually all devices fall within this range, even those running ROMs that are only based on Android, since the flaw is found inside one of the system’s core components. Fortunately, Google already pushed a fix for the issue to the Android Open Source Project on August 1, leaving it in the hands of OEMs to push the much-needed update to their flagship devices.
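The class of bug described above, a service trusting buffer sizes declared by its clients, is closed by checking every declared size against limits the service itself owns before using it as a length. The following C sketch is an added illustration, not code from the article, Trend Micro or Android; the `request` layout, `handle_request`, `MAX_PARAM` and the error codes are hypothetical names chosen for the example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical request layout (assumption, not Android's real structures):
 * the client declares how many command bytes it sent and how many reply
 * bytes it expects back. Both values are controlled by the client. */
struct request {
    uint32_t cmd_size;    /* client-declared command length */
    uint32_t reply_size;  /* client-declared reply capacity */
    const uint8_t *cmd;   /* bytes actually received */
    size_t received;      /* length the transport really delivered */
};

enum { RQ_OK = 0, RQ_BAD_SIZE = -1, RQ_NO_MEM = -2 };
#define MAX_PARAM 256u    /* service-side limit, chosen for the example */

/* Copies the command into a service-owned heap buffer and fills the reply.
 * Each client-declared size is compared with a limit the service owns
 * before it is ever passed to memcpy. */
int handle_request(const struct request *rq, uint8_t *reply, size_t reply_cap,
                   size_t *reply_len)
{
    if (rq->cmd_size == 0 || rq->cmd_size > MAX_PARAM)
        return RQ_BAD_SIZE;   /* unchecked, this overruns the heap buffer */
    if (rq->cmd_size > rq->received)
        return RQ_BAD_SIZE;   /* unchecked, this reads past received data */
    if (rq->reply_size > reply_cap)
        return RQ_BAD_SIZE;   /* unchecked, this overruns the reply buffer */

    uint8_t *param = malloc(MAX_PARAM);
    if (param == NULL)
        return RQ_NO_MEM;
    memcpy(param, rq->cmd, rq->cmd_size);   /* bounded by the checks above */

    /* Echo only as many bytes as were both requested and available. */
    size_t n = rq->reply_size < rq->cmd_size ? rq->reply_size : rq->cmd_size;
    memcpy(reply, param, n);
    *reply_len = n;
    free(param);
    return RQ_OK;
}
```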