We all are aware of the Security Updates that we receive on our Android devices from time to time. If you have the latest device than the update cycle will be cover more new security updates as compared to the old devices. However, there are times that we often delay to install the security updates even if they have arrived for our devices. Moreover, keeping our devices up to date especially, in terms of security is very essential and in today’s digital age it is a must. From the title, some of you might have got an idea what this post is all about and some of you might have not. Let me get myself clear here, as I am talking about a new way, hackers have found to target those vulnerable devices.
According to reports, there is an Android bug CVE-2019-2107 that keeps your device vulnerable to hackers which allows them to exploit your device with a specially crafted file to execute arbitrary code. You can read the official line from the Android Security Bulletin July 2019 below;
“The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.”
Once you tap on the malicious file, hackers or attackers instantly gain access to your device. These files can be videos with a malicious payload.
According to Android Developer, Marcin Kozlowski, who has already uploaded the proof of this vulnerability on the Github, writes;
“You can own the mobile [device] by viewing a video with [the malicious] payload. A possible attack vector is opening an unmodified malicious video file. Such files can be sent for example via email (the Gmail app loads video with Android’s stock video player, unless you changed it to another player).”
Fortunately, the July 2019 Security Patch fixes this issue. However, it is important to note that devices running Android version 7.0 Nougat or 8.0 Oreo are vulnerable to the attacks. It is not yet confirmed, how many users have been affected by these attacks. Moreover, the malicious video will prompt you to play the “crafted video file” on the stock Android video player. Kozlowski claims that these attacks can be disarmed if you run the video on a different video player except the stock video player on your device.
Moreover, most of the messaging apps like Facebook, WhatsApp or Instagram will be un-affected with these attacks as these platforms re-encode the videos that make the attacks in-effective. Kozlowski assumes that;
“If the video would be touched or re-encoded, which I think messengers do, it would stop the attack.”
ESET malware researcher, Lukas Stefanko further told;
“Re-uploading should break the exploit”.
According to official stats of different Android versions running on various smartphones, Google claimed in May 2019 that, there are more than 2.5 billion active Android handsets. However, out of those 2.5 billion nearly 58% of the smartphones (approx 1.5 billion) were running the Android 7.0 Nougat or 8.0 Oreo, which are susceptible to the attacks. However, there is no official confirmation or evidence that how many numbers of smartphones were exploited by these attacks.
We would advise you to upgrade your security updates with the latest July 2019 Security Patch if available for your device.