Live Now

Android Mediaserver Bug Can Render Devices Unresponsive: Trend Micro

Advertisement
By Ketan Pratap | Updated: 30 July 2015 16:39 IST
Android Mediaserver Bug Can Render Devices Unresponsive: Trend Micro
Soon after Google announced a security update for the Stagefright vulnerability (a critical security bug) for its Nexus devices, a new bug has been reported that security researchers claim leaves Android device "dead."

Trend Micro's Wish Wu, a mobile threat response engineer, has detailed the newly discovered vulnerability in the Android mobile operating system. According to the report, the vulnerability renders the Android device unresponsive - "silent, unable to make calls, with a lifeless screen."

The vulnerability is said to be present from Android 4.3 Jelly Bean to the current version, Android 5.1.1 Lollipop. It's worth noting that majority of Android devices, almost 90 percent, are currently running these versions, according to the Google's Android distribution numbers.

Wu explains the process, "The vulnerability lies in the mediaserver service, which is used by Android to index media files that are located on the Android device. This service cannot correctly process a malformed video file using the Matroska container (usually with the .mkv extension). When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system)."

Further explaining, Trend Micro notes that the vulnerability can be exploited in two ways either via an installed malicious app on the device or through a specially-crafted website.

Advertisement

"The first technique can cause long-term effects to the device: an app with an embedded MKV file that registers itself to auto-start whenever the device boots would case the OS to crash every time it is turned on," notes the report.

Some of the implication of the vulnerability is said to be unresponsive UI and even claims that if the phone is locked, it cannot be unlocked. Trend Micro speculates some of the potential threat scenarios where it claims attackers can use it for ransomware. However, it's worth noting that once the device is unresponsive; how the attackers will ask for ransom from affected Android users.

Advertisement

Trend Micro notes that the vulnerability was privately reported to Google in May. The company acknowledged the report however marked the issue as a low priority vulnerability. A Google spokesperson told Engadget that the "future version of Android" would patch the vulnerability while stressed that there has been "no evidence of actual exploitation."

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Android, Apps, Google, Malware, Trend Micro
Sebi on Alert for Cyber-Attacks; Warns of Stern Action for Algorithm Misuse
Toyota Robot Can Pick Up After People, Help the Sick
Advertisement

Related Stories

Google Previews Gemini-Powered Android XR Glasses at I/O With Live Language Translation Feature
21 May 2025
Google I/O 2025 Highlights: Google Announces Several New AI Features; Android XR Glasses Unveiled
21 May 2025
Google NotebookLM App for Android and iOS Launched, Comes With Audio Overviews Feature
20 May 2025
Google I/O 2025 Starts Today: How to Watch the Keynote Livestream
19 May 2025
Google I/O 2025: From AI to Android XR, Here's What to Expect From Google's Annual Developer Conference on May 20
19 May 2025

Tech News in Hindi »

More Technology News in Hindi »
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Microsoft Wants Websites to Have an AI-Powered Natural Language Interface
  2. Google's New Beam Video Communication Platform Can Turn 2D Video Into 3D
  3. iQOO Neo 10 Pro+ With Snapdragon 8 Elite, 6,800mAh Battery Launched
  4. Infinix Hot 60 Pro+ Tipped to Debut as the Slimmest Curved Screen Phone
  5. OnePlus Pad 3 With Snapdragon 8 Elite SoC to Launch Globally on This Date
  6. Nothing Phone 3 Confirmed to Launch Globally in July
  7. How HP Plans to Stand Out as AI PCs Shift Focus to Software
  8. Gemini 2.5 Series Gets Improved Capabilities and a Deep Think Mode
  9. Qualcomm Will Unveil New Snapdragon Flagship SoC Earlier Than Usual
#Latest Stories
  1. Google Previews Gemini-Powered Android XR Glasses at I/O With Live Language Translation Feature
  2. Google Introduces Beam, an AI-Driven Communication Platform That Turns 2D Video Into 3D Experiences
  3. Google Expands AI Overviews to Over 200 Countries in More Than 40 Languages
  4. Google I/O 2025: Gemini 2.5 AI Models Upgraded With Deep Think Mode, Native Audio Output
  5. Google I/O 2025: AI Mode in Search Gets Agentic Capabilities and a Shopping Experience
  6. Apple WWDC 2025 to Be Held From June 9 to June 13: All You Need to Know
  7. Scientists Transform Lead into Gold, But Only for a Fleeting Moment
  8. Scientists Discover Three-Eyed Sea Moth From Half a Billion Years Ago
  9. NASA's LROC Captures ispace RESILIENCE Landing Site Ahead of June 2025 Lunar Touchdown
  10. Canadian Astrophotographer Captures Stunning Sunflower Galaxy from Ontario
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.