Last year you guys might have heard of a security vulnerability called Stagefright that seemed to have everyone rushing to patch it. For those unfamiliar, the vulnerability involved hackers being able to remotely gain access to a device simply by sending an MMS, which in turn would be processed by the phone and the code executed.The good news is that ever since the vulnerability, Google has been pretty proactive about issuing scheduled security updates, but this was not enough as Google has decided to address the issue once and for all in Android N. According to Google (via 9to5Google), Google has decided to divide up the mediaserver and permissions on Android into several components and sandboxes.
What this means is that should one aspect become compromised, its reach would be limited due to the sandboxed nature of this approach. According to Google, “This means that compromising libstagefright would grant the attacker access to significantly fewer permissions and also mitigates privilege escalation by reducing the attack surface exposed by the kernel.”
The method is a bit technical but suffice to say, Android N should put Stagefright to bed once and for all. Of course there will eventually be new exploits and flaws since that’s just the nature of things, but given the serious nature of Stagefright, hopefully this will put many Android users’ minds at rest.
Filed in . Read more about Android, Android N, Google and Security.