90% of Android Devices Are DoS Vulnerable

Uploaded on 2015-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Android-versions.jpg

An attacker can trigger the Android vulnerability by sending a malformed video file using the Matroska container.

Less than a week after Trend Micro disclosed a denial-of-service (DoS) vulnerability impacting the majority of Android devices in use, researchers with the security firm have disclosed another DoS flaw that affects even more users.
The vulnerability can be exploited by an attacker to cause a device to reboot, and it is similar to the previously identified bug in that it exists in the media server program, Wish Wu, mobile threat response engineer with Trend Micro, wrote on their blog post.
“In more a severe case, where a related malicious app is set to auto-start, the device can be trapped in an endless reboot and rendered unusable,” Wu wrote, adding that this issue can also cause the device to be drained of its battery life.

An attacker can exploit the bug - CVE-2015-3823, which is caused by an integer overflow in parsing .MKV files - either by a malicious app installed on the affected device, or by luring a user to a specially crafted website containing a malformed media file, Wu wrote.

The vulnerability affects Android versions 4.0.1 to 5.1.1, meaning that about 89 percent of devices in use today are affected, Wu wrote, adding attacks exploiting the bug have not been observed in the wild. Trend Micro reported the vulnerability to Google and the Android Security Team confirmed a fix was available.

“Getting rid of the app is quite problematic,” Wu wrote. “It may be difficult to locate the app once downloaded. Attackers may opt to keep it hidden and silent for a long time and only trigger the attack days or months later. Users may believe it is not installed and attribute the reboots to problems in the Android system.”

Denial-of-service bugs are not the only issues plaguing the popular mobile operating system - last week researchers with Zimperium disclosed multiple critical remote code execution vulnerabilities in Android's Stagefright code that can be exploited on an estimated 950 million devices.

SC Magazine:  http://bit.ly/1KYVXLi

 

« Cyber Extortion: A Growth Industry
Smart Homes and the Data Underclass »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Law Enforcement Cyber Center (LECC)

Law Enforcement Cyber Center (LECC)

LECC is designed to assist police, digital forensic investigators, detectives, and prosecutors who are investigating and preventing crimes that involve technology.

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

Khipu Networks

Khipu Networks

Khipu Networks is an award winning Cyber Security Company delivering a wide range of network, wireless and security solutions, technologies and services across multiple sectors.

MBL Technologies

MBL Technologies

MBL Technologies specializes in information assurance, enterprise security, privacy, and program/project management.

Cyberteq

Cyberteq

Cyberteq is an innovative Information and Communication Technology Consulting Company, enabling it’s customers to take full advantage of the latest technologies in a secure manner.

NFIR

NFIR

NFIR is a specialist in the field of cyber security incident response and digital forensics.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

Curity

Curity

The Curity Identity Server brings identity and API security together, enabling highly scalable and secure user access to digital services.

DoControl

DoControl

DoControl gives organizations the automated, self-service tools they need for SaaS applications data access monitoring, orchestration, and remediation.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

Crypto Legal

Crypto Legal

Crypto Legal is a leading UK-based law firm specialising in blockchain forensics and legal services.

NewsGuard Technologies

NewsGuard Technologies

NewsGuard provides transparent tools to counter misinformation for readers, brands, and democracies.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.