Just days after the frightening Stagefright bug – which is reportedly the biggest Android security loophole, was revealed – we have another video related bug on our hands, this time uncovered by the people at TrendMicro. It reportedly affects phones between versions 4.3 Jelly Bean and 5.1.1 Lollipop, which still means more that most of Android device running (around 90 percent) are affected by it.
The bug can affect your device in two ways, both using the mediaserver service Android uses: through a malicious application installed on your phone, or via an infected website. While theoretically restarting the phone can solve this issue, in the case of the former, the app can turn itself on everytime the phone boots, causing it to crash repeatedly.
In that case, your phone will function better as a paperweight, since the interface will be jammed entirely, rendering the phone useless and unable to carry out any functions. Reportedly, the parties involved behind this can even hold the phone at ransom, not unlocking the phone unless the owners pays them for it.
Trend Micro had reportedly uncovered the mediaserver bug to Google engineers as early as May. However, despite acknowledgement, any decisive actions on the “low priority” issue remain to be taken but are said to arrive in the near future, according to a statement released by Google.
The news is uncovered just days after the biggest vulnerability in Android “Stagefright”. With nearly the same number of smartphones affected in this instance too, it is clear that much is needed to be done if this vulnerable image of the OS is to be improved.