The vulnerability resides in mediaserver, Android’s background service responsible for indexing videos, pictures, and audio. Trend Micro says that with the right know-how, a hacker could craft a malformed Matroska (usually .mkv) container capable of crashing mediaserver — and the entire operating system, subsequently — when it attempts to process the file. Researcher Wish Wu writes in a blog post that during testing, the exploit affected devices running Android 4.3 and above — about 57 percent of all Android smartphones and tablets by Google’s last count.
In its report, Trend Micro envisions increasingly dire scenarios from missed ring tones to permanently locked phones, arising from the exploit. The researchers even theorize a malicious app could render devices inoperable by loading the malformed file at boot. But Google, which was informed of the exploit last week, is a bit more measured. “While our team is monitoring closely for potential exploitation, we’ve seen no evidence of actual exploitation,” a spokesperson told Mashable. “Should there be an actual exploit of this, the only risk to users is temporary disruption to media playback on their device.”
Ultimately, the vulnerability, while worrisome, isn’t quite as dire as the Stagefright exploit, which allows hackers to hijack and install malware on phones with a simple text message. Still, Google says it’s working on a fix. In the meantime, it suggests that anyone affected by the mediaserver bug try navigating away from the malicious website or uninstalling the misbehaving application.
