Monday, August 17, 2015

Arbour №51: 5 serious vulnerabilities Android – Mobile-review

A brief description of the most powerful “holes” in the operating system from Google, which affected it during the period from last summer.


TowelRoot, Futex Linux

public mention: June 2014.
Severity: 2/5.
Affected Release: most Android phones to 4.4
Actuality: device receiving updates after June 2014 is out of danger.

The unusual vulnerability at the kernel level, which affects subsystem Futex was originally discovered and brought public “white hacker” known as Pinkie Pie. Whatever it was, shortly after this vulnerability was included in TowelRoot – the application of the well-known hacker George Hotz to get root-access to devices Android 4.4, which is potentially dangerous potential the vulnerability was sent to a peaceful course.


Android FakeID

The public references: July 2014
Severity: 2/5
Affected versions : Up to Android 4.3
Actuality: devices with OS version 4.4 +

The observed small company Bluebox Security vulnerability allows malicious applications to break the trusted status of genuine applications by hacking his e-certificate, thereby avoiding any “quarantine” on the device. This alarmingly simple in its execution bug affecting all devices with versions 2.1-4.3.

Installer Hacking Android

The first public mention: March 2015
Severity: 1/5
The affected devices: using third-party applications to version 4.3
Actuality: device with a version of Android 4.3 out of danger

The vulnerability allows an attacker to replace the installer (or the file .apk) when using other third-party application directory that without the user to replace the installed application is malware. “Opening” the company has carried out the vulnerability of Palo Alto Networks, and at the time of detection of more than half of Android-smartphone could be compromised in this way.


Stagefright, vulnerability MMC

The first public mention: July 2015
Severity: 5/5
Affected devices: all the way up to OS 5.1
Actuality: vulnerability persists. Some cellular networks remove deactivate the automatic reading of the MMC after the receipt of the corresponding patch from Google.

It is worthy of the most serious vulnerabilities in the history of Android Stagefright affect seemingly harmless component responsible for playing media files. The vulnerability, discovered by a researcher from the company Zimperium, allows hackers to automatically play them sent by contaminated video on almost any Android-device. Incredibly, but not require any user intervention, plus the entire message can become invisible, away on their own.


The first public mention: August 2015 Severity: 3 / 5
Affected devices: all the way up to OS 5.1
Actuality: persists, manufacturers will have to release updates plug-ins.

Discovered by CheckPoint vulnerability affects popular among many manufacturers and remote support plug-ins allows an attacker to install malicious software on the device, providing complete freedom of action, since device now runs a hacker. Affected products such as RSupport, CommuniTake and TeamViewer .

Despite the fact that use this exploit is more difficult than in the case of Stagefright, there is a certain probability of the possibility of installing malware through Google Play. An additional complication is that the vulnerability does not force the user to close, in fact involved a component included in the smart phone service provider, not even Google. To “cure” requires joint efforts of the operator and Google, which may delay the process.

The original article, author John E Dunn

Elir: the security situation can not be called modern OS calm, and this It applies to iOS. However, there is no reason for panic and immediate purchase “unwise” phones: on the side of users – Google, device manufacturers and “white hackers”. Of course, not always possible to close the vulnerability from the first time, which proves that the recent update some devices. In our power to protect the device against tampering.


No comments:

Post a Comment