#Hacking: Google fixes vulnerabilities in Android where rooting is a double-edge sword....
Google had to intervene to fix a few vulnerabilities that risked exposing its Nexus devices and related Android operating system to remote access – or through malware – by hackers.
The tech firm has actually been working on media file related software bugs in Android OS since July last year when Stagefright – a media-parsing library – was discovered to be flawed. This called for a massive coordinated patching action by Android manufacturers and for monthly updates to be issued by Google, Samsung and LG.
In an effort to address these most recent vulnerabilities, the giant tech company released security updates for its Nexus devices on Monday and is due to publish further patches and stitches today. Manufacturers who are in partnership with Google had already been informed of the vulnerabilities – six critical, two high and five moderate – one month ago and will soon issue updates according to their own schedules.
The most dangerous threat was to be found in the media server Android component, which constitutes a core part of the OS, the one in charge of handling and storing digital media and analysing the corresponding file metadata.
The media server process could be tampered with by attackers so as to make an arbitrary code execution possible, either remotely by tricking users into opening “maliciously-crafted” media files or by sending those files through MMS.
The
situation is gradually stabilising as are the five other critical –
high-level threats that target the very core of an OS-vulnerabilities
were fixed in the release.
One of the flaws was located in the misc-sd driver from Taiwan-based MediaTek. A further flaw was in a driver from UK-based Imagination Technologies. A third one was discovered and solved directly in the kernel. The last two critical vulnerabilities were in the Widevine QSEE Trustzone application.
All of them could compromise the whole system and would require a high-maintenance recovery process. The latter ones could allow malicious activities in the TrustZone context, a hardware-based security extension of the Central Processing Unit architecture, which is separate from the operating system.
What’s
really at the core of the matter is the act of rooting – the access to
the phone’s inner secrets. It is, in fact, a double-edged sword
depending on whose exploiting this possibility: computer wizards that
just want to “have fun” or attackers full of bad intentions.
For this reason, Google does not allow rooting apps in its Google Play store. And that is why Verify Apps and SafetyNet – Local Android security features – are in place to discourage such actions.
One extra measure if caution, in order to make remote exploitations of media parsing flaws more difficult to achieve, is the disabling of the automatic display of multimedia messages in Google Hangouts and Messenger app. This security measure was first used in response to the Stagefright flaw back in July.
The tech firm has actually been working on media file related software bugs in Android OS since July last year when Stagefright – a media-parsing library – was discovered to be flawed. This called for a massive coordinated patching action by Android manufacturers and for monthly updates to be issued by Google, Samsung and LG.
In an effort to address these most recent vulnerabilities, the giant tech company released security updates for its Nexus devices on Monday and is due to publish further patches and stitches today. Manufacturers who are in partnership with Google had already been informed of the vulnerabilities – six critical, two high and five moderate – one month ago and will soon issue updates according to their own schedules.
The most dangerous threat was to be found in the media server Android component, which constitutes a core part of the OS, the one in charge of handling and storing digital media and analysing the corresponding file metadata.
The media server process could be tampered with by attackers so as to make an arbitrary code execution possible, either remotely by tricking users into opening “maliciously-crafted” media files or by sending those files through MMS.
One of the flaws was located in the misc-sd driver from Taiwan-based MediaTek. A further flaw was in a driver from UK-based Imagination Technologies. A third one was discovered and solved directly in the kernel. The last two critical vulnerabilities were in the Widevine QSEE Trustzone application.
All of them could compromise the whole system and would require a high-maintenance recovery process. The latter ones could allow malicious activities in the TrustZone context, a hardware-based security extension of the Central Processing Unit architecture, which is separate from the operating system.
For this reason, Google does not allow rooting apps in its Google Play store. And that is why Verify Apps and SafetyNet – Local Android security features – are in place to discourage such actions.
One extra measure if caution, in order to make remote exploitations of media parsing flaws more difficult to achieve, is the disabling of the automatic display of multimedia messages in Google Hangouts and Messenger app. This security measure was first used in response to the Stagefright flaw back in July.
ReplyDeleteTelangana DSC Recruitment 2017 Notification is announced in last week of December with District wise Vacancies lists TS DSC 2017 , Telangana DSC 2017, TS DSC Notification 2017, TS DSC Model Papers 2017, Sakshi TS DSC Model Papers 2017, Namasthe Telangana TS DSC Model Papers 2017, TS DSC District wise Vacancies list 2017 Government Primary and Secondary Schools for Secondary Grade Teacher (SGT),Language Pandit (LP),School Assistant(SA)and Physical Education Teacher (PET) Posts with the TS DSC 2017.