“The search and mobile giant on Monday released its monthly round of Android security fixes, with one persistent flaw at the top of the list: a “critical” security vulnerability in mediaserver, a part of Android that finds and indexes media files stored on the device,” Zack Whittaker reports for ZDNet. “Almost every month since Google began pushing out monthly security patches, researchers have found a new problem in the bug-ridden Android component.”
“According to the bulletin, the two flaws ‘could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files,'” Whittaker reports. “In other words, an attacker can run malware on a device by exploiting the mediaserver, because the service has access to privileged parts of the device which other apps don’t have.”
Whittaker reports, “All Nexus devices are vulnerable to the two flaws, and other devices that are running Android KitKat (4.4.4) and later, said the bulletin.”
Read more in the full article here.
MacDailyNews Take: Now to be fair, this is only because Android is an inferior product peddled to cheapskate tech illiterates who do not value their privacy and/or who are unable to recognize a half-assed knockoff from the revolutionary original.
Android is a BlackBerry clone that was hastily rejiggered at the last minute to mimic iPhone in a panic by Google. Obviously, mistakes were made and corners were cut.
So, the Android rush-job is a privacy and security nightmare. It’s a fragmented morass. It’s too many cooks in the kitchen. It’s crap-by-committee lowest common denominator junk.
And anyone who rewards blatant thieves by settling for Android garbage deserves their fate.
85% of mobile device failures occur on Android, with Samsung leading the way – February 23, 2016
More than 90% of Android devices are running out-dated, insecure operating system versions – January 27, 2016
Dangerous new zero-day flaw affects more than two-thirds of all Android devices – January 20, 2016
Android malware steals one-time passcodes, a crucial defense for online banking – January 14, 2016
New Android malware is so bad, you’d better off buying a new phone – November 6, 2015
Apple issues iPhone manifesto; blasts Android’s lack of updates, lack of privacy, rampant malware – August 10, 2015
New Android malware strains to top 2 million by end of 2015 – July 1, 2015
Symantec: 1 in 5 Android apps is malware – April 25, 2015
Kaspersky Lab Director: Over 98% of mobile malware targets Android because it’s much, much easier to exploit than iOS – January 15, 2015
Security experts: Malware spreading to millions on Android phones – November 21, 2014
There’s practically no iOS malware, thanks to Apple’s smart control over app distribution – June 13, 2014
F-Secure: Android accounted for 99% of new mobile malware in Q1 2014 – April 30, 2014
Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too – February 27, 2014
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
[Thanks to MacDailyNews Reader “TJ” for the heads up.]