Google released the Android key on the media process and the root vulnerability patch-vulnerability warning-the black bar safety net

2015-12-10T00:00:00
ID MYHACK58:62201569901
Type myhack58
Reporter 佚名
Modified 2015-12-10T00:00:00

Description

Google for Nexus smartphones and tablets, released a batch of new security patches,solved by a vicious e-mail, web pages and multimedia invasion the Android device's vulnerability.

Google in the security Bulletin said: the firmware update is applied the radio update promotion to support Nexus devices,and over the next 4 to 8 hours to put the patch added to the Android open source project(AOSP) is. Security fix levels included in a repair system,for example LMY48Z or Android marshmallow,will be at 2 0 1 5 year 1 2 on 1 recently established.

These update system fixes five critical vulnerabilities, twelve high vulnerability and two medium level vulnerabilities. In some of theoperating systemmedia processing component,that is processing the audio and video playback and the corresponding meta-data parses the file,and again found a considerable number of defect vulnerability.

In theoperating systemcore-Media Server, discovered a severe vulnerability patches. This vulnerability can override applied to perform does not belong to third-party applications arbitrary code. The user in the browser using specially crafted media file,an attacker can, through fraudulent means or to send MMS to remotely exploit this kind of vulnerability.

It should be noted that,in Android default Messaging app,such as hangouts or Messenger,of the received multimedia information can not be automatically resolved.

[1] [2] [3] next