90% of Android Devices Are DoS Vulnerable

Android-versions.jpg

An attacker can trigger the Android vulnerability by sending a malformed video file using the Matroska container.

Less than a week after Trend Micro disclosed a denial-of-service (DoS) vulnerability impacting the majority of Android devices in use, researchers with the security firm have disclosed another DoS flaw that affects even more users.
The vulnerability can be exploited by an attacker to cause a device to reboot, and it is similar to the previously identified bug in that it exists in the media server program, Wish Wu, mobile threat response engineer with Trend Micro, wrote on their blog post.
“In more a severe case, where a related malicious app is set to auto-start, the device can be trapped in an endless reboot and rendered unusable,” Wu wrote, adding that this issue can also cause the device to be drained of its battery life.

An attacker can exploit the bug - CVE-2015-3823, which is caused by an integer overflow in parsing .MKV files - either by a malicious app installed on the affected device, or by luring a user to a specially crafted website containing a malformed media file, Wu wrote.

The vulnerability affects Android versions 4.0.1 to 5.1.1, meaning that about 89 percent of devices in use today are affected, Wu wrote, adding attacks exploiting the bug have not been observed in the wild. Trend Micro reported the vulnerability to Google and the Android Security Team confirmed a fix was available.

“Getting rid of the app is quite problematic,” Wu wrote. “It may be difficult to locate the app once downloaded. Attackers may opt to keep it hidden and silent for a long time and only trigger the attack days or months later. Users may believe it is not installed and attribute the reboots to problems in the Android system.”

Denial-of-service bugs are not the only issues plaguing the popular mobile operating system - last week researchers with Zimperium disclosed multiple critical remote code execution vulnerabilities in Android's Stagefright code that can be exploited on an estimated 950 million devices.

SC Magazine:  http://bit.ly/1KYVXLi

 

« Cyber Extortion: A Growth Industry
Smart Homes and the Data Underclass »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

Data Shepherd

Data Shepherd

Data Shepherds primary focus is to protect your business. We achieve this by offering extensive and unique expertise in innovative IT and Cyber security solutions.

Modulo Security

Modulo Security

Modulo provides automated Governance, Risk, and Compliance (GRC) solutions.

iONLINE

iONLINE

iONLINE delivers high quality IT services and solutions to businesses in Azerbaijan.

Cyber Security Malta

Cyber Security Malta

Cyber Security Malta is part of Malta's National Cyber Security Strategy which aims to combat cybercrime, strengthen national cyber defence and provide cyber security awareness and education.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Cingo Solutions

Cingo Solutions

Cingo Solutions is a Managed Detection & Response company providing specialized data security services.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

Boxphish

Boxphish

Boxphish provides a proven solution to reduce Human Error and Cyber Human Risk via automated learning journeys and intelligent phishing simulations.

CodeHunter

CodeHunter

CodeHunter is a malware hunting SaaS platform designed to detect all variations of malware, known and unknown, without the need for source code or signatures.

CodeLock

CodeLock

Codelock is a patent-pending solution that continuously provides software security at the code level, while providing advanced management insights with performance metrics and data analytics.

PointWire

PointWire

PointWire offers a range of cybersecurity solutions and services including Penetration Testing on various levels, as well as Intrusion Detection and Prevention Systems.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.