Google Releases Patch for Nexus 5 ‘Stagefright’ Vulnerability

Cell phone in handGood news Nexus 5 users: Google has reportedly fixed a security vulnerability affecting the Nexus 5 and Nexus 6 handsets.

Known as “Stagefright, this vulnerability was (and still is) particularly disturbing because it could be embedded in virtually any video, without the user taking any additional steps. The security risk posed by Stagefright was initially downplayed, as Android’s lead engineer for security told National Public Radio that roughly 90% of all Android devices have a a technology built-in known as ASLR, which is believed to protect them from this vulnerability. Nonetheless, the Nexus 5 remained vulnerable to Stagefright, prompting engineers to create a fix.

AndroidCentral explained the mechanics behind Stagefright, saying it works by containing malware that’s embedded within a video file. If a user downloads the video over the Internet, receives it via MMS message, or transfers the video to his or her device, their device then becomes infected.

The site further explained the naming behind the vulnerability, saying “Stagefright” is the name of the media playback engine used that was first introduced back in Android 2.2. While Google has changed much of its Android software since then, it continues to use the same playback engine, creating a vulnerability that hackers can potentially exploit to gain access.

The exploit comes into play with Google’s (now regrettably named) “Stagefright” media playback engine, which was introduced in Android 2.2. And if you use a text messaging app that goes ahead and prepares that file for you for viewing — as Google Hangouts does, according to the example — your phone is potentially vulnerable, should a rogue video be processed,” wrote AndroidCentral.

This isn’t the first time a vulnerability has been discovered in Google’s Android operating system, and it probably won’t be the last. All mobile OS platforms are susceptible to hacking, regardless of what developers say. However, Google does a pretty good job at not only identifying such vulnerabilities, but also plugging them up in a timely manner.

So, how can you protect your Nexus 5 handset from the Stagefright vulnerability? As of writing this, currently all Nexus 5 and Nexus 6 devices are susceptible to the Stagefright exploit. The good news is that you can protect your device from infection by using caution when downloading videos. This exploit is limited strictly to video media, meaning photos and audio files are safe to download. So if you really want to safeguard your handset from this exploit, don’t download any videos — at least until Google patches the problem.

Google hasn’t released an official patch for the Stagefright exploit as of yet, but various sources claim the Mountain View company is working on one. AndroidCentral has said that Google and Sprint are making the final touches on build LMY48I, which is designed specifically for fixing the Stagefright exploit.

Were you affected by Stagefright exploit? Let us know in the comments section below!

Image attribution: https://www.flickr.com/photos/johnkarakatsanis/

Summary
Article Name
Google Releases Patch for Nexus 5 'Stagefright' Vulnerability
Description
Google is releasing a patch to address a security vulnerability, "Stagefright," in the Nexus 5 and 6.
Author

Leave a Reply

Your email address will not be published. Required fields are marked *

5 × one =