It seems the Stagefright storm hasn’t quite passed after all. As most of you might remember, a few months ago a scary vulnerability in one of Android’s core multimedia libraries was uncovered and found to affect almost every device powered by Google’s OS, as early as 2.2 Froyo. Since then, there have been no reports of an actual exploit utilizing the bug, but, naturally, it gave the whole industry quite a scare, triggering a quick reaction from many OEM’s like Motorola and Samsung, who issued emergency fixes.

Just when we thought troubles had passed, Zimperium, the same security company that shed light on the initial vulnerability, now warns of two new bugs that have been found in the very same Android Stagefright component. According to the official description, the new duo of vulnerabilities can be exploited with specially crafted MP3 and MP4 files. The first is found in a function within libutils and could impact nearly any Android build, as early as Android 1.0. The second one, however, might be even more frightening, as it relates to a hole in libstagefright and allows for injecting malicious code and gaining root access on devices running Android 5.0 Lollipop and up.

This new announcement seems to render a large chunk of the existing Stagefright emergency patches powerless and is troubling, since we were left with the impression that no new builds of Android would be affected any more. The existing measures, however, are far from useless, as they seem to have patched the previous MMS delivery method almost completely. If a hacker were to use these new back doors, it would theoretically have to be through the Web browser, either by methods of phishing, malicious apps and ads of even a man in the middle attack if the devices are on the same network.

Now that we are all sufficiently scared, here’s the good news. First and foremost, like the original Stagefright vulnerability, it is unlikely that this new batch will ever be used in an actual exploit, especially since Joshua J. Drake of Zimperium, largely responsible for uncovering the issues, has decided to be extra cautious this time around and not share a proof-of-concept exploit for this new vulnerability with the general public. Even the company’s original Stagefringt detector app will receive an update to pick up the new threat only after Google has developed a patch.

All things considered, we, as end-users, shouldn’t really feel worried at this point.

Source |…

from GSMArena.com – Latest articles http://ift.tt/1JLBfuo
via IFTTT

Gionee’s Elife E8 smartphone, which was made official back in June this year, could be launched in India next week. The information comes courtesy of a teaser (shown below) revealing a new phone launch in the country’s capital of New Delhi on October 8.

There is currently no information on the price tag the handset will carry in India – in China, it costs RMB 3,999 (around $630 or INR 41,000).

Specs-wise, the device is powered by a Mediatek Helio X10 chipset with an octa-core processor clocked at up 2GHz, and a PowerVR 6200 GPU. It sports a 6-inch QHD display, comes with 3GB of RAM and 64GB of internal memory, and packs in a 3500 mAh battery.

In terms of camera, the Elife E8 features a 24MP rear unit and an 8MP front shooter. It runs Android 5.1 Lollipop-based Amigo 3.1 OS, and also includes a fingerprint scanner on the back. The smartphone could be exclusively sold online given that the teaser also mentions Gionee’s entry into the e-commerce…

from GSMArena.com – Latest articles http://ift.tt/1L3NSlA
via IFTTT

Motorola just dropped the list of devices that will be getting the Android 6.0 Marshmallow update. It included phones such as the Moto X 2nd and 3rd gen, Moto G 2nd and 3rd gen, Droid Turbo/Moto MAXX/Moto Turbo, and unsurprisingly the Nexus 6.

But if you looked closely you’d notice that the Moto E 2nd Gen, launched a mere eight months ago, is not part of the list. Somehow, a device so new, and launched on the promise of keeping the phone up to date, won’t be getting a major update released within a year of its launch.

But that’s not all. The carrier versions of the Moto X 2nd Gen will also not be getting the update. This includes the AT&T and the Verizon models, that too weren’t released a long time ago. Not to mention the carrier unlocked version of the same phone getting the update.

Motorola sure has some explaining to…

from GSMArena.com – Latest articles http://ift.tt/1Vwc8mm
via IFTTT