This isn't from woozworld but this is for security of all of your android phones:
99% of Android users are susceptible to the new BroadAnywhere vulnerability!
A newly discovered vulnerability called BroadAnywhere could severely impact almost every Android user.
The recently launched Android 5.0 Lollipop has fixed a serious issue (Bug: 17356824), however, every version below 5.0 is still at risk. Currently, the number of people exposed could be as high as 99% of all Android users. This issue, currently being referred to as "BroadAnywhere", is able to forge messages from any sender, crash or restart your device, or even completely wipe all data stored on the phone!
The crux of this flaw is that Android’s Settings app can transfer a parameter called PendingIntent to all third party apps, and these apps are then able to modify the contents of PendingIntent and then send it back to the system. Simply put, malicious apps can freely modify some settings of the device. This allows the malicious apps to do a lot of dangerous things.
How exactly might this issue affect you?
1. Devices could stop working
BroadAnywhere can cause the entire system to stop responding, turning your device into a paperweight for a while. Functions will gradually cease to perform, and eventually the device will crash.
2. SMS content and its sender can be forged
Attackers can send messages to your device that appear to be from whoever they choose. For example, they could send a message that appears to be from your cousin, asking you to urgently deposit some money into a bank account…
3. All your data could be wiped
With BroadAnywhere, malicious apps are able to send a “com.google.android.c2dm.intent.RECEIVE” broadcast, which essentially means that the device will undergo a factory reset and will act the same as if you’d just bought it and taken it out of the box for the first time. All of your apps, photos, videos, contacts, messages and everything else will be gone.
Check out this POC Demo for the Android Broadanywhere Vulnerability for more details
To protect against this vulnerability, please use Clean Master and CM Security, and ensure that they are fully updated. We have ensured that we are able to block malicious apps that try to use this vulnerability, and will continue monitoring this situation closely to ensure that our users are kept completely safe.
Stay safe Woozens and Android users!
-Kristina ♥
No comments:
Post a Comment