Security researchers in Beijing have disclosed that the Android Operating System by Google has got two major vulnerabilities in it which can compromise the security of one billion Android devices in Japan and leave them open to hacking. According to the researchers, no matter what version of the OS, every Android device running Android 1.0 to the latest Android 5.0 can get affected due to these vulnerabilities.
In what looks like a really shocking and worryful news, the researchers have revealed that the two discovered vulnerabilities in Android can be exploited by hackers to infect the Android users with malware and hack their devices to steal their data. Yes, the Stagefright bugs are back. Dubbed as the Stagefright 2.0, two bugs have been discovered and they are triggered when the user opens the specially infected MP4 video or MP3 audio files.
This is not a first time that a major vulnerability has been found in Android. Earlier this year, Zimperium zLabs had disclosed seven major Stagefright vulnerabilities, but now two new bugs have come up, namely Stagefright 2.0. Researchers say that the hackers can use booby-trapped media files to get into the user’s device. Once the user downloads such a file, the hacker can access the data, photos, videos, as well as the microphone and camera.
“CVE-2015-6602” is one of the two new Stagefright 2.0 bugs and can affect almost all the Android devices, right from the Android 1.0 launched in 2008. It is found in the libutils library The second vulnerability is “CVE-2015-3876” and affects Android 5.0 or later and is found in the libstagefright library which is used by Android for processing. media files.
Google has already made a statement regarding the issue and has said that the bugs will be patched in the next update, which we expect to be rolled out soon after the new Nexus devices are made available publicly.