Trend Micro Discovers Vulnerability That Renders Android Devices Silent

Trend Micro has recently discovered a vulnerability in Android that can render a phone apparently dead – silent, unable to make calls, with a lifeless screen. This would mean there’d be no ring, text or notification sounds. This vulnerability is present from Android 4.3 (Jelly Bean) up to the current version, Android 5.1.1 (Lollipop). Combined, these versions account for more than half of Android devices in use today. No patch has been issued in the Android Open Source Project (AOSP) code by the Android Engineering Team to fix this vulnerability since we reported it in late May.


Figure 1. Unresponsive phone
(In these instances, the UI may also become very slow to respond, or completely non-responsive. If the phone is locked, it cannot be unlocked.)

The vulnerability lies in the mediaserver service, which is used by Android to index media files that are located on the Android device. This service cannot correctly process a malformed video file using the Matroska container (usually with the .mkv extension). When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system).

This vulnerability can be exploited in two ways: either via a malicious app installed on the device, or through a specially-crafted web site. The first technique can cause long-term effects to the device – an app with an embedded MKV file that registers itself to auto-start whenever the device boots would case the OS to crash every time it is turned on. Whatever means is used to lure in users, the likely payload is the same. Ransomware is likely to use this vulnerability as a new “threat” for users: in addition to encrypting on the device being encrypted, the device itself would be locked out and unable to be used. In some ways, this vulnerability is similar to the recently discovered Stagefright vulnerability. Both vulnerabilities are triggered when Android handles media files, although the way these files reach the user differs.

For now, Trend Micro recommends users who have been affected to restart your device in safe mode. Users can also use Trend Micro’s Mobile Security for Android Smartphones and Tablets which provides malicious app detection, protects your data and device, and offers extra security against fake financial and shopping apps.

For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
SHARE
    Blogger Comment
    Facebook Comment

0 comments: