Android security updates roll out to fight “Stagefright” type bug
The latest critical bug has similarities to Stagefright, but exists in Android's mediaserver. Google warns that an attacker could use the bug to remotely run malware hidden in video or audio.
In an announcement published in the Nexus Security Bulletin for January, Google said it has fixed 12 vulnerabilities affecting Android versions 4.4.4 to 6.0.1. Five are rated as critical security bugs. Partners were notified about and provided updates for the issues on December 7, 2015 or earlier, said the post.
“The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.”
The good news is that Google says, "We have had no reports of active customer exploitation of these newly reported issues." Because of enhancements in newer versions of the Android platform, exploitation for many issues on Android is made more difficult. Regardless, Google encourages all users to update to the latest version of Android where possible.
Avast Threat Labs found that 72% of attacks on Android devices use adware, but you can protect your advice with these 5 tips.
Learn how to protect your privacy on your cell phone with these 9 easy tips.