Advertisement

'Stagefright' vulnerability files released to the wild

On the heels of its Stagefright detection app, Zimperium (the outfit that discovered the Android security flaw) has released its exploit to the public. But before you get your hands dirty tinkering with it to find a fix there are a few things you need to consider. Zimperium says that it was tested on a Nexus device that was running Ice Cream Sandwich 4.0.4 and that "due to variances in heap layout" this exploit isn't entirely reliable. The Python script does work to take advantage of "one of the most critical" vulnerabilities the outfit discovered in the security flaw's library, however. Perhaps the biggest caveat, though, is that since the file was tested with Ice Cream Sandwich, Zimperium says that elements of Android 5.0 Lollipop, the fast-growing OS of choice for Android users, basically nullify its attempts to address the problem.