Spartan Posted August 11, 2015 Report Posted August 11, 2015 Have you been affected? Mobile Platform: Android OS Version: Froyo 2.2 to Lollipop 5.1.1 All devices running Android versions Froyo 2.2 to Lollipop 5.1.1 are affected. Hackers only need to know your phone number to infect your device. Essentially, malware could theoretically be embedded in a video file that could be sent via MMS (text message) to your phone - thus leaving you infected. We are aware of active exploitation attempts using this vulnerability. How can you protect yourself? You will need to wait for a system update to truly patch this vulnerability. However, there are a number of mitigation strategies that you can use to protect yourself. Disable the Auto Retrieve feature in your default-messaging app, so that videos cannot be loaded in the background and infect your device. If you use Messages: Go to Settings > Multimedia Messages > Uncheck Auto Retrieve. If you use Google Hangouts: Go to Settings > SMS > Uncheck Auto Retrieve MMS. If you use Messenger: Go to Settings > Advanced > Uncheck Auto Retrieve. If you use Messaging: Go to Settings > MMS > Uncheck Auto Retrieve. If you use WhatsApp: Go to Settings > Chat Settings > Media Auto Download > Uncheck Videos in "Wi-Fi" and "Mobile Data". Additionally, mobile platform protection from Lookout and Zimperium might also provide protection against this vulnerability. ISRC will continue to monitor this threat and update users on any additional actions. What is the vulnerability? On July 21, researchers at Zimperium discovered a series of security holes allowing malware to be embedded in a video file. That video file could then be delivered via multimedia messaging service (MMS) sent to any messaging app - like Android's native messaging app, Google Hangouts and WhatsApp. The aforementioned applications will automatically prepare that file for viewing, execute and install the embedded malware - potentially allowing for complete control of the victim device (i.e. data, accounts and applications) to the attacker. Further details will be revealed on August 6, during the Black Hat conference this week in Las Vegas. This has become known as the Stagefright hole.
Sreemanthudu Posted August 11, 2015 Report Posted August 11, 2015 asala effect iyindo ledo ela teylusthundi ??
Spartan Posted August 11, 2015 Author Report Posted August 11, 2015 asala effect iyindo ledo ela teylusthundi ?? amla paul peru meeda video chesi..adi whatsapp lo mms lo pamputunnaranta.. open cheste..hack aipoinatte
Recommended Posts