90% of Android Devices Are DoS Vulnerable


An attacker can trigger the Android vulnerability by sending a malformed video file using the Matroska container.

Less than a week after Trend Micro disclosed a denial-of-service (DoS) vulnerability impacting the majority of Android devices in use, researchers with the security firm have disclosed another DoS flaw that affects even more users.
The vulnerability can be exploited by an attacker to cause a device to reboot, and it is similar to the previously identified bug in that it exists in the media server program, Wish Wu, mobile threat response engineer with Trend Micro, wrote in a blog post.
“In a more severe case, where a related malicious app is set to auto-start, the device can be trapped in an endless reboot and rendered unusable,” Wu wrote, adding that this issue can also drain the device's battery.

An attacker can exploit the bug - CVE-2015-3823, which is caused by an integer overflow in parsing .MKV files - either by a malicious app installed on the affected device, or by luring a user to a specially crafted website containing a malformed media file, Wu wrote.
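The article names the bug class (an integer overflow while parsing the Matroska/.MKV container) but not where in the media server it sits. The following added C example is not Trend Micro's, Google's or the Android media server's code; it is a constructed illustration of that class in a minimal EBML element walker (Matroska is built on EBML, whose element sizes are attacker-controlled variable-length integers). `vulnerable_element_fits` shows the classic "offset + size" bounds check that wraps in a narrow integer, `hardened_element_fits` shows the overflow-free form, and `walk_elements` applies the hardened check to a small constructed buffer. Function names, the sample bytes and the 32-bit width of the vulnerable check are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Decode an EBML variable-length integer (the encoding Matroska uses for
 * element IDs and sizes). Returns the number of bytes consumed, or 0 if the
 * encoding is invalid or runs past `avail`. Constructed helper for this
 * example; the marker bit is stripped, which is what we want for sizes. */
size_t ebml_read_vint(const uint8_t *p, size_t avail, uint64_t *out) {
    if (avail == 0) return 0;
    uint8_t first = p[0];
    size_t len = 1;
    uint8_t mask = 0x80;
    while (len <= 8 && !(first & mask)) { mask >>= 1; len++; }  /* count leading zeros */
    if (len > 8 || len > avail) return 0;
    uint64_t v = first & (uint8_t)(mask - 1);   /* drop the length-marker bit */
    for (size_t i = 1; i < len; i++) v = (v << 8) | p[i];
    *out = v;
    return len;
}

/* The bug class: the declared element size comes from the file. Adding it to
 * the current offset in a 32-bit integer can wrap, so "end <= total" passes
 * even though the element extends far beyond the buffer and later reads
 * run off the end (a crash, i.e. denial of service, at minimum). */
bool vulnerable_element_fits(uint32_t offset, uint32_t size, uint32_t total) {
    uint32_t end = offset + size;   /* wraps when offset + size >= 2^32 */
    return end <= total;
}

/* Hardened form: never compute a sum that can overflow; compare the size
 * against the space that is actually left. */
bool hardened_element_fits(uint64_t offset, uint64_t size, uint64_t total) {
    if (offset > total) return false;
    return size <= total - offset;
}

/* Walk the top-level elements of a buffer using the hardened check.
 * Returns the number of well-formed elements, or -1 on the first element
 * whose declared size does not fit in the remaining data. */
int walk_elements(const uint8_t *buf, size_t len) {
    size_t pos = 0;
    int count = 0;
    while (pos < len) {
        uint64_t id, size;
        size_t n = ebml_read_vint(buf + pos, len - pos, &id);   /* ID value unused, only its length */
        if (n == 0) return -1;
        pos += n;
        n = ebml_read_vint(buf + pos, len - pos, &size);
        if (n == 0) return -1;
        pos += n;
        if (!hardened_element_fits(pos, size, len)) return -1;
        pos += (size_t)size;   /* safe: size <= len - pos was just checked */
        count++;
    }
    return count;
}

/* Constructed sample input: an EBML header element (ID 1A 45 DF A3) declaring
 * a 4-byte payload that holds an EBMLVersion element (ID 42 86, size 1, value 1). */
const uint8_t GOOD_EBML[9] = {0x1A, 0x45, 0xDF, 0xA3, 0x84, 0x42, 0x86, 0x81, 0x01};

/* Constructed malformed input: same ID, but an 8-byte size field claiming
 * 0x00FFFFFFFFFFFFFF bytes of payload with nothing following it. */
const uint8_t BAD_EBML[12] = {0x1A, 0x45, 0xDF, 0xA3,
                              0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};

int main(void) {
    printf("good buffer: %d element(s)\n", walk_elements(GOOD_EBML, sizeof GOOD_EBML));
    printf("bad buffer:  %d\n", walk_elements(BAD_EBML, sizeof BAD_EBML));
    /* offset 16 + size 0xFFFFFFF0 wraps to 0 in 32 bits and passes the naive check */
    printf("naive check passes oversized element: %d\n",
           vulnerable_element_fits(16, 0xFFFFFFF0u, 1024));
    printf("hardened check rejects it:            %d\n",
           !hardened_element_fits(16, 0xFFFFFFF0u, 1024));
    return 0;
}
```

The point for a reviewer of any container parser is the shape of the bounds check, not this particular format: any test of the form `offset + untrusted_size <= total` needs the subtraction form (or an explicit overflow check) because the size field is chosen by whoever produced the file, which is exactly the position a malicious app or a web page serving a crafted media file is in.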

The vulnerability affects Android versions 4.0.1 to 5.1.1, meaning that about 89 percent of devices in use today are affected, Wu wrote, adding attacks exploiting the bug have not been observed in the wild. Trend Micro reported the vulnerability to Google and the Android Security Team confirmed a fix was available.

“Getting rid of the app is quite problematic,” Wu wrote. “It may be difficult to locate the app once downloaded. Attackers may opt to keep it hidden and silent for a long time and only trigger the attack days or months later. Users may believe it is not installed and attribute the reboots to problems in the Android system.”

Denial-of-service bugs are not the only issues plaguing the popular mobile operating system: last week researchers with Zimperium disclosed multiple critical remote code execution vulnerabilities in Android's Stagefright code that can be exploited on an estimated 950 million devices.

SC Magazine:  http://bit.ly/1KYVXLi
