Over one billion Android phones and other devices are vulnerable to a new attack allowing hackers to exploit the way Android processes multimedia, according to security firm Zimperium.
Dubbed Stagefright 2.0, the vulnerability centers around the way Android deals with the metadata of MP3 audio files and MP4 video files on malicious websites.
If a hacker successfully exploited the vulnerability, they could execute unauthorized code on a victim’s device.
Stagefright 2.0 affects “almost every Android device” from version 1.0 to 5.1.1, the latest release, according to Zimperium.
Even previewing the media files triggers the exploit. Google is scheduled to release a fix on Oct. 5, according to Computer World.
Zimperium also found the original Stagefright vulnerability earlier this year, an exploit affecting over 950 billion devices that allowed phones to be hacked with a single text message.
H/T Motherboard | Illustration by Max Fleishman
*First Published: Oct 1, 2015, 1:12 pm