|
|
此文章由 老杏 原创或转贴,不代表本站立场和观点,版权归 oursteps.com.au 和作者 老杏 所有!转贴必须注明作者、出处和本声明,并保持内容完整
漏洞出现在安卓stagefright媒体库上,从Android2.2到5.1版本均存在此漏洞,预计95%的设备安卓设备受到影响。
黑客利用该漏洞仅通过一条彩信即可远程控制手机、获取手机中的敏感数据或监听手机。
提醒大家采取临时关闭彩信接收的措施防止手机被黑客攻击,并在收到推送补丁推送时及时更新系统。
安卓手机关闭彩信方法(不同厂商存在差异):设置->短信/彩信/信息->高级->自动下载彩信[去除勾选]
The bugs are in an unfortunate part of Android: a part that is used by the Multimedia Messaging System, or MMS.
Remember MMS?
Like SMS but with videos, sounds, pictures, and no annoying 160-character limit?
It's an aging system that doesn't get a lot of attention these days, because internet-based programs like WhatsApp, Snapchat and Instagram have swept it aside.
But most Android phones are still set up to receive MMS messages, and will process them automatically by default.
Technically speaking, an MMS arrives as a link, so that the actual content of the message (which might cost you money) is fetched only later on, when you decide that you want to look at it
That's a bit like email clients that fetch only subject lines at first, so you can ignore or delete unimportant messages without racking up download charges.
But the default SMS/MMS apps in Android 4.4 (KitKat) and 5.x (Lollipop) are Messaging and Hangouts respectively, and their default configuration is to download MMS content in the background as soon as the messages arrive.
Remote Code Execution
Unfortunately, the bugs found by Zimperium allow shellcode – executable instructions disguised as harmless multimedia data – to take control of your device as soon as the content of a booby-trapped message is downloaded.
So, you may be able to trigger malicious activity as soon as a victim's device receives your poisoned message, even if they later decide to delete it.
That's what's known as a Remote Code Execution (RCE) vulnerability, almost always the worst sort.
The bug has been around for some time, and Zimperium is claiming that 950,000,000 devices may be at risk.
(That precise sounding number seems to be simply a 95% vulnerability rate multiplied by a round one billion Androids.)
Patches coming
Google knows about the bugs, and has prepared patches.
Indeed, if you have a Google Nexus, and you have updated recently, it sounds as though you are already safe.
Sadly, we can't be sure which other device vendors have already patched, unless they choose to say so, because Zimperium is keeping the exploits under wraps until Black Hat, when the whole world will find out about them (and presumably, how to exploit them) at the same time.
It also sounds as though rebuilding Android from the open source project (AOSP) won't help yet.
Google told The Guardian:
This vulnerability was identified in a laboratory setting on older Android devices, and as far as we know, no one has been affected. As soon as we were made aware of the vulnerability we took immediate action and sent a fix to our partners to protect users.
As part of a regularly scheduled security update, we plan to push further safeguards to Nexus devices starting next week. And, we'll be releasing it in open source when the details are made public by the researcher at BlackHat.
In short, this sounds like a serious bug, and you should be looking for a patch as soon as you can get one.
What to do?
Try asking your device vendor whether a patch is available already. You may be able to get ahead of the game.
If you can't get a patch right now, find out when to expect it so that you can apply it as soon as you can.
If your messaging app supports it (Messaging and Hangouts both do), turn off Automatically retrieve MMS messages.
If your device supports it, consider blocking messages from unknown senders if you haven't already.
If your SMS/MMS app doesn't allow you to turn off Automatically retrieve messages, consider simply switching back to Android Messaging, which does.
Unless your digital lifestyle hinges on MMS, we think that you will be able to live without it, and that blocking the auto-download of potentially booby-trapped MMS content is a great start.
Of course, even if you've turned MMS auto-downloading off, you still need to avoid clicking on suspicious MMSes – doing so would initiate the potentially dangerous download anyway.
So, if you see an MMS from a sender who's never communicated with you before, consider deleting it.
And don't forget that "Stagefright" isn't specific to MMS messaging, but rather to the way Android renders the sort of content typically delivered by MMS.
Firefox for Android, for example, has recently been updated; it too was apparently vulnerable via web pages containing booby-trapped videos.
So, keep your eyes peeled for those patches!
https://nakedsecurity.sophos.com ... t-you-need-to-know/ |
|
熊猫食神·姗姗来迟的煮虾大法 (2010-6-16) remey 
发表于 2015-7-29 20:58
