Security Alert: New Android Flaw Can Brick Your Smartphone

9 years ago

July 30, 2015 at 8:45 am

There’s yet another Android flaw to contend with following the Stagefright Bug. This one can totally brick an Android phone, and as yet, there’s no fix.

Image: Family O’Abé

Trend Micro’s reporting on a flaw in the mediaserver service in all versions of Android from 4.3 up to 5.1 that can be abused either through a specifically crafted app or specifically coded Web site. The Web flaw should only cause a single reboot of a device, but a compromised app could in theory cause an endless non-responsive reboot loop with a dead screen, or in other words, a completely bricked Android smartphone.

This isn’t quite as critical as the Stagefright bug, given that it’s an exploit that does require some user intervention, either by visiting a web site or downloading an app. Here’s the exploit in action if you get all excited by bricked phones, bearing in mind that this is just a proof of concept at the moment.

Trend Micro Discovers Vulnerability That Renders Android Devices Silent [Trend Micro]

Comments

6 responses to “Security Alert: New Android Flaw Can Brick Your Smartphone”

READ THE COMMENTS

darren

July 30, 2015

I don’t understand the apps with malicious code in them. Who downloads these things?
1. doggie015
  
  July 30, 2015
  
  People who don’t understand how app stores work
2. phalacee
  
  July 30, 2015
  
  Hypothetical:
  So I build an app, charge 0.99c for it, everyone wants that app, but shy away from the cost… Some malicious jerk copies my app, adds some malicious code to it and releases it for free on XDA or something … it gets covered on blogs every where as a free alternative to the awesome app I created, and people are installing it left right and centre … BOOM, your phone just got compromised…
rickinoz

July 30, 2015

Saying “a completely bricked Android smartphone” is an exaggeration. That would imply even the bootloader is not accessible, which is not the case here.

So simply boot into recovery and either restore from a backup or re-flash the OS. As long as the /data partition isn’t affected (and this exploit doesn’t seem to) it should be entirely possible to restore the device.
1. brom
  
  August 1, 2015
  
  Not on stock firmware. Then your only choice is to restore to factory defaults without keeping any data.
jamesvang86

August 5, 2015

Most of people even don’t know how to use the app store.

Start Making Your To-do List Before Bed

How to Unlock Your Pixel With Your Pixel Watch

Eight of the Best Read-it-later Apps to Help You Navigate Your Backlog

When You Should Use Sand on Your Lawn (and When You Shouldn’t)

4 Ways to Get the Most Out of Your Robot Vacuum

The Best Mobile Plans to Keep Your Phone Bill Under $30

Here Are Amazon Australia’s Best Deals of the Week

Here Are the Fastest Internet Providers and NBN Plans in Australia

19 Sustainable Mother’s Day Gifts That’ll Show Some Love to Your Mum and the Planet

Save up to $300 on Optus’ Biggest SIM-Only Plan Bundle

Security Alert: New Android Flaw Can Brick Your Smartphone

Comments

6 responses to “Security Alert: New Android Flaw Can Brick Your Smartphone”