Here’s a great big Android security flaw:
Trend Micro peeps say they have discovered a security bug that miscreants can exploit to seemingly murder millions of Android smartphones.
A device will appear lifeless and unable to make calls, with a dead screen and no sound output, if an attack is successful, we’re told. All a victim has to do is visit a dodgy webpage, or run an app containing a malicious file. Rebooting the supposedly dead smartphone will revive it.
Google’s solution is to simply get over it, not browse untrusted websites on your phone, and avoid installing evil applications. A patch to fix the hole is on its way, we’re told.
The vulnerability stems from an integer overflow bug in Android’s media server service, which can be exploited by a malformed video file in a Matroska container. When Android tries to index the file, it crashes, bringing the rest of the operating system down with it.
That bit about avoiding dodgy websites and not installing bad apps is always good advice.
Still, now might be a good time to make sure your phone is upgradeable to the latest & greatest version of Android.
Join the conversation as a VIP Member