Another Android flaw affects almost all devices

Security researchers at Trend Micro have exposed another flaw in the Android's mediaserver component. It could be remotely exploited to install malware onto a target device by sending a specially crafted multimedia message.

The vulnerability (CVE-2015-3842) affects almost all versions of Android devices with the potential of putting hundreds of millions of devices open to hackers.

The security flaw involves a mediaserver component called AudioEffect. It uses an unchecked variable that comes from the client, normally an app. The vulnerability can be exploited by malicious apps, according to a Trend Micro security researcher.

All a hacker would need to do is convince their victim to install an app that doesn't ask for “any required permissions, giving them a false sense of security.”

Researchers have also established a proof-of-concept (PoC) malicious app that exploits the flaw. Once installed, the app crashes the Android's mediaserver component by overflowing the buffer in the heap. But, if the component doesn't crash, the PoC app will be closed and run again.

There has been no indication of active attacks thus far, but researchers said the flaw could be exploited to provide full control of the target device. Google has fixed the issue, but it is unknown how long the companies will take to update the vulnerable devices.

Sign up to our newsletters