Millions of Android users are at risk from another ‘Stagefright’ security flaw. Researchers claim it gives hackers the ability to inject malware that could copy, steal and delete data on the device, take over the smartphone’s microphone and camera for spying purposes and even track a user’s movements via GPS. Here to comment on this news is Chris Eng, Vice President of Research at Veracode, the web and mobile application security specialist.
Chris Eng, Vice President of Research at Veracode
“With the discovery of the ‘Metaphor’ vulnerability, 2016 is the third year in a row when a serious application exploit has been discovered which could impact millions of devices. With all devices running Android 2.2, 4.0, 5.0 and 5.1 now at risk (which includes popular phones including the HTC One and the Samsung Galaxy S5), once again this flaw highlights the fundamental security issues that spans the entire software spectrum.
Patching application vulnerabilities is especially challenging for the Android community with the number of different manufactures and carriers charged with the responsibility of issuing patches to devices. As with Stagefright, we anticipate that Google will be quick to issue a patch to resolve this problem. However, we hope that we don’t see a replay of Stagefright 2.0 where many of the patches hadn’t been rolled out to end-users.”