Android faces SECOND patching crisis, on the same scale as Stagefright

‘Certifi-gate’ vuln could allow unrestricted device access

'Very easily exploited', hard to fix

Without patching, an attacker can use the vulnerable plug-in to elevate access permissions and gain full control of a vulnerable device. Check Point’s security boffins reckon the “Certifi-gate” vulnerability is “very easily exploited” as well as difficult to fix.

Android offers no way to revoke the certificates that provide the problematic privileged permissions. Left unpatched, and with no reasonable workaround available, devices are vulnerable right out of the box.

“Some of the mRST vendors have released patched versions of the vulnerable plugins,” a Check Point spokesman explained. “However, it’s important to note that this doesn’t solve the issue as this doesn’t patch pre-installed plugins.”

“These patches need to come from the OEM vendor. Moreover, an attacker can always trick a user to install an old vulnerable version of the plugin and attack it in order to gain privileged permissions,” he added.

Check Point researcher Bashan and his colleagues are down to provide more details of the vulnerability (and how to fix it) during a presentation at the Black Hat security conference in Las Vegas on Thursday. ®

Bootnote

¹ Stagefright creates a means for attackers to plant malware on vulnerable Android devices providing only that they know the phone number of their intended target.

Specially crafted malware hidden inside a multimedia message (MMS) could stealthily exploit a vulnerability in the Stagefright library. Alarmingly, no user interaction is needed at all – preview generation is automatic upon receiving the MMS by default on most Android devices.

And patches are not yet available. The upshot is that hackers can, with a text message, silently and completely take control of a smartphone.
