Stagefright Security patch leaves more than 950 million Android devices vulnerable hacked by a text- CVE-2015-3824

Stagefright_vulnerability

Pic from Exodus

Stagefright Security patch leaves more than 950 million devices vulnerable hacked by a text

The Stagefright vulnerability allows attacker to hack a phone with a text. Wiki (CVE-2015-3824)

The patch issued by Google for Stagefright doesn’t fix the vulnerability leaving more than 95% of the Android devices vulnerable. The Android devices running version 2.2 to 5.1 version are vulnerable which is estimated around 950 millions around the world.

Exodus Intelligence security researcher Mr.Jordan Gruskovnjak analysed the patch from Google and still found that the patch did not address the issues completely. This was later discussed during Blackhat and Defcon which gave more of an attention.

On the exodus blog, they further state that “We notified Google of the issue on August 7th but have not had a reply to our query regarding their release of an updated fix. Due to this, as well as the following facts, we have decided to notify the public of our findings here on the Exodus Intelligence blog. “ Details available here

The firm notified Google 120 days ago but Google doesn’t seem to have taken this seriously which leaves the entire eco system of Android vulnerable. Till we have communication from Google uses are left in the dark.

Video Demo is available below

Share Button

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>