Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Even after patch, Stagefright poses threat to Android devices

After a patch for the Stagefright flaw was discovered to be incomplete, leaving Android devices vulnerable to attack, Google has released a new patch to open source, according to a Kaspersky Lab Threatpost.

The four-line code fix offered for CVE-2015-3824 still allowed Android devices to crash. And, even with the patch, attackers would be able to takeover the devices.

The security researcher who created the patch issued by Google, Joshua Drake from Zimperium Mobile Security's zLabs, wrote Threatpost to say that it was his understanding that a number of additional issues have arisen since he discovered the Stagefright vulnerability.

Threatpost also quoted a Google spokesperson as saying that the company has “already sent the fix to our partners to protect users, and Nexus 4/5/6/7/9/10 and Nexus Player will get the OTA update in the September monthly security update.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.