The Stagefright vulnerability has put a huge number of Android devices at risk a few months back. Android is the most widely used operating system for smartphones and tablets, and following the incident, Android owner Google has begun issuing monthly security updates for its Nexus devices. The tech company has been announcing the updates via its Nexus Security Bulletin.
Now, Google has already released the security patch for November. The search giant has listed one of the most serious and critical security vulnerabilities to come to the Android device. According to a report from Gadgets 360, the vulnerability puts users at risk of having their data stolen and losing control over their own devices. The vulnerability, once exploited, can allow hackers to execute a code from a distance, using various methods like MMS, email and web browsing.
Google said that Nexus users have already been notified of the flaw on or before Oct. 5. The Nexus Bulletin has released the update on Nov. 2, Monday. "During media file and data processing of a specially crafted file, vulnerabilities in mediaserver could allow an attacker to cause memory corruption and remote code execution as the mediaserver process," the bulletin stated.
"This issue is rated as a critical severity due to the possibility of remote code execution within the context of the mediaserver service. The mediaserver service has an access to audio and video streams as well as to such privileges that third-party apps cannot normally access," the statement concluded. The advisory recommends that users update to the latest Android version -- saying that Android Security is monitoring possible abuse with Verify Apps and Safety Net.
The security apps will warn users of known rooting apps and will block installations of such programs to avoid risks of hack. Last month, Samsung has also released a mobile bulletin, announcing security updates for its devices. The South Korean tech company has also kept to its promise of doing so, following the Stagefright incident.