CALIFORNIA – Experts have warned of a massive bug in Google’s Android software that leaves hundreds of millions of handsets in danger. This is likely the biggest smartphone flaw ever discovered.
Mobile security researchers at Zimperium say that they have discovered the ‘worst Android vulnerability in the mobile OS history’, using a flaw in media playback software.
This Android flaw is worse, because a hacker could gain complete control of the phone: wiping the device, accessing apps or secretly turning on the camera.
The problem stems from the way Android phones analyze incoming text messages. Even before you open a message, the phone automatically processes incoming media files including pictures, audio or video. That means a malware-laden file can start infecting the phone as soon as it’s received.
The researchers say attackers only need your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS.
It is believed that all Android phones with Android 2.2 or higher are vulnerable to this attack.