Trend Micro: bug may Android smartphones have endless reboot




A bug in Android ensures that attackers can perform a DOS attack. This slows down the phone and the battery is empty or must be restarted. In severe cases, an endless reboot can take the phone.

Before warns Trend Micro Tuesday. According to Japan’s security vulnerability in the media server of Android, which has also recently been a serious security problem was found. Trend Micro claims that anyone with Android 4.0.1 Jelly Bean 5.1.1 to Lollipop is vulnerable.

To abuse the bug, attackers must ensure that owners of an Android phone install a malicious app or go to a site that contains an incorrect media .mkv file. Once the media server, the file attempts to play, is the function according to Trend Micro in a loop where the user can not do anything. The whole system slows down until it restarts if the battery is empty.

The bug is caused by an integer overflow during the parsing of a .MKV file, which ensures that the phone is in a loop ends during the reading of the video frames. Trend Micro has published two proof-of-concepts which shows exactly how the attack is done. In the worst cases, an endless reboot may occur making the phone unusable, because a rogue app automatically start at boot the operating system.

Trend Micro claims that it is quite difficult to get rid of a malicious app. Although it is possible to locate the folder, but attackers may choose to postpone the dos attack a time. This makes it difficult to determine which program caused reboot. The security company that manufacturers will need to update the software on their obsolete devices.

It is the second time in a short time a vulnerability affecting the media server of Android. Last week was a security issue in that same program to light thus proved trivially easy to access a Android system. Specifically involved a problem in the Stage Fright framework in Android, which is responsible for playing movies.


In: Technology & Gadgets Asked By: [15469 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »