• Recently Found Android Security Exploit Bricks Current Devices, Rendering Them Useless

    by
    Akshay Masand
    Published on 2015-07-31 08:50 AM
    12 Comments Comments


    It appears that another Android security issue was recently publicized with the latest exploit rendering devices “lifeless.” To make matters worse, the vulnerability is said to be affecting more than half of the units that are currently on the market. The folks over at Trend Micro were the first to discover the security flaw in Google’s Android mobile operating system but Google has yet to fix the issue despite acknowledging the report as a “low priority vulnerability.”

    The flaw is said to affect any device running Android 4.3 Jelly Bean up to the latest version, Android 5.1.1 Lollipop. Hackers can either install a malicious app on an Android device or direct users to a nefarious website, then force the Android device to become “apparently dead – silent, unable to make calls, with a lifeless screen,” according to Trend Micro. Furthermore, if the exploit is installed through an app, it can auto-start whenever the device boots, causing Android to crash every time the device is powered on. According to Trend Micro:

    In some ways, this vulnerability is similar to the recently discovered Stagefright vulnerability. Both vulnerabilities are triggered when Android handles media files, although the way these files reach the user differs.
    For those of you who didn’t know, the “Stagefright” Android security issue was another issue that was recently publicized earlier this week. It has the ability to affect even more Android handsets, more than 950 million devices, according to one estimate. Stagefright is the name for a system service in Android that processes various media formats implemented in native C++ code and can be exploited through a simple MMS message.

    That being said, unlike the issue discovered by Trend Micro, which hasn’t been patched yet, Stagefright was fixed by Google in the latest iteration of Android. Since many of the users on Android aren’t running the latest version of the mobile operating system, the vulnerability is said to affect 95% of Android device owners running version 2.2 Froyo all the way up to 5.1.1 Lollipop.

    Most Android device owners simply can’t run the latest iteration of the operating system due to restrictions placed by their handset makers. In comparison, 85% of Apple mobile device users are using iOS 8 or later, which is its latest operating system, while the other 13% are running iOS 7.

    If you’re an Android user or know one, keep in mind that Trend Micro recently cautioned its new exploit and Stagefright could be just the beginning of other security issues to come. They wrote the following regarding the matter:

    Further research into Android — especially the media server service — may find other vulnerabilities that could have more serious consequences to users, including remote code execution.
    How do you feel about the whole issue? Share your thoughts and comments below!

    Source: Trend Micro via AppleInsider
    This article was originally published in forum thread: Recently Found Android Security Exploit Bricks Current Devices, Rendering Them Useless started by Akshay Masand View original post
    1. Categories:
    2. iPhone,
    3. Apple,
    4. Software
    Comments 12 Comments
    1. Brandon.amos's Avatar
      Brandon.amos - 2015-07-31, 01:45 PM
      Android is useful if you like extreme customization. But when most of their handsets can't upgrade to later updates whereas iOS devices can, that's a problem. This is one thing Apple has over other companies. And making the devices that can run iOS 8 be able to upgrade to iOS, further strengthens their security. Apple is on point with their updates. They can make a patch, and make it available to most of their devices at the same time, and only a small minority of devices can't upgrade.
    1. dsg's Avatar
      dsg - 2015-07-31, 02:02 PM
      not sure there bricked, as they could just re-flash there phones. Bricked = dead device(turned into a paper weight)
    1. Brandon.amos's Avatar
      Brandon.amos - 2015-07-31, 04:03 PM
      Quote Originally Posted by dsg View Post
      not sure there bricked, as they could just re-flash there phones. Bricked = dead device(turned into a paper weight)
      Let us hope all these people don't end up with bricked devices. That would be terrible, not only for the consumers, but for the device makers, and Google as well. Almost a billion devices rendered useless? That would be a lot of lost money for everyone across the board. And it could turn people away from Android completely. Then Apple wouldn't have much competition, and then they would look like a monopoly in the device market.
    1. Carvensno's Avatar
      Carvensno - 2015-07-31, 04:07 PM
      Apples updates and support for iOS updates every year is one of the big things why I went with Apple for a smart phone instead of Android. I kept hearing everything about Android and did research, that's when I saw and read the complaints about not being able to update or not getting security updates period!
    1. Eonhpi's Avatar
      Eonhpi - 2015-07-31, 05:53 PM
      why would anyone want an os called lollipop .
    1. bmwraw8482's Avatar
      bmwraw8482 - 2015-07-31, 06:00 PM
      Because lollipops are delicious
    1. adebeci's Avatar
      adebeci - 2015-07-31, 06:04 PM
      Quote Originally Posted by dsg View Post
      not sure there bricked, as they could just re-flash there phones. Bricked = dead device(turned into a paper weight)
      He maybe want to say SemiBrick. 😅
    1. littlecheese04's Avatar
      littlecheese04 - 2015-07-31, 07:34 PM
      Quote Originally Posted by Eonhpi View Post
      why would anyone want an os called lollipop .
      I've had at least a dozen iPhones in a year, no I did not break them, but who wants a phone that simply put an i before Operating System. Seems even more lame than Lollipop to me. No, I do not use an Android.
    1. vinaygoel2000's Avatar
      vinaygoel2000 - 2015-07-31, 07:41 PM
      Quote Originally Posted by Eonhpi View Post
      why would anyone want an os called lollipop .
      If one can use an OS called El Capitan then what's wrong with Lollipop. And FYI, I have never owned an Android.
    1. Al226's Avatar
      Al226 - 2015-07-31, 10:58 PM
      Quote Originally Posted by Eonhpi View Post
      why would anyone want an os called lollipop .
      The OS is called Android, Lollipop is the version name. El Capitan is worse. And yes, I hate Android, and yes, I hate stock iOS much more than Android, but love it after it's jailbroken.
    1. rasputin007's Avatar
      rasputin007 - 2015-08-01, 03:57 PM
      Quote Originally Posted by Carvensno View Post
      Apples updates and support for iOS updates every year is one of the big things why I went with Apple for a smart phone instead of Android. I kept hearing everything about Android and did research, that's when I saw and read the complaints about not being able to update or not getting security updates period!
      I can not quite share this view!
      New iOS updates work NOT for all devices, my perfectly fine working iPhone 2G is on OS 3.1.3, forever. The 3GS is on iOS 6.1.6, forever. To keep up with new iOS updates you have to update your device model as well, which is fine when on a contract, but if you are on "Pay as you go", like me, you have to fork out a lot of money to buy a new device.
      Secondly Android do NOT need to run stock Android OS from Google, you can choose from a huge selection of custom firmware, custom kernels etc, So, even if your model is not "officially" supported by the manufacturer to run the latest Google Android OS, you still can run a custom flavour of that latest firmware.
      Something that does not exist for Apple devices, apart from WhiteDoor/BlackDoor (if I remember correctly).
      There are plenty of Android hackers that can fix bugs and you do not have to rely on an "official" update from Google.
    1. WHUDS's Avatar
      WHUDS - 2015-08-03, 02:50 AM
      Quote Originally Posted by rasputin007 View Post
      I can not quite share this view!
      New iOS updates work NOT for all devices, my perfectly fine working iPhone 2G is on OS 3.1.3, forever. The 3GS is on iOS 6.1.6, forever. To keep up with new iOS updates you have to update your device model as well, which is fine when on a contract, but if you are on "Pay as you go", like me, you have to fork out a lot of money to buy a new device.
      Secondly Android do NOT need to run stock Android OS from Google, you can choose from a huge selection of custom firmware, custom kernels etc, So, even if your model is not "officially" supported by the manufacturer to run the latest Google Android OS, you still can run a custom flavour of that latest firmware.
      Something that does not exist for Apple devices, apart from WhiteDoor/BlackDoor (if I remember correctly).
      There are plenty of Android hackers that can fix bugs and you do not have to rely on an "official" update from Google.
      Contracted phones will be no more within 24 months, everyone will be buying thier phone one way or another

  • Connect With Us

  • Discord

    Join our Discord

  • Twitter Box

  • Facebook