Google reportedly fixed the latest round of Stagefright vulnerabilities in Android, pushing its latestover-the-air (OTA) update to Nexus devices.
Last week, researchers warned of Stagefright 2.0 vulnerability that affected more than one Billion Android devices dating back to the latest versions of the Android operating system.
The Stagefright bugs allowed hackers to take control of affected Android devices by sending a malicious audio or video file.
In April, Zimperium researchers disclosed the first Stagefright vulnerability that allowed hackers tohijack any Android smartphones with just a simple text message (exploit code).
As promised, Google on Monday pushed a patch that fixes the holes in Stagefright media playback engine used by Android to process, record and play multimedia files such as PDFs.
The patch fixes 30 vulnerabilities in total, which includes:
- 14 critical vulnerabilities in Stagefright library
- 5 Remote Code Execution bugs
- 8 Elevation of Privilege bugs
- 2 Denial of Service Vulnerabilities in Mediaserver
Despite the disclosure of the vulnerabilities, Google said that the company had “no reports of active customer exploitation of these newly reported issues.”
HTC devices will probably have to wait to receive the patch, as indicates a tweet by CEO Jason Mackenzie.
Nexus devices have already received the patch through OTA update, but it is still unclear how long it will take for Samsung and LG to release the patch for their respective flagships