New Android Vulnerability Could Crash Phones Badly

Bad week for Android. Just days after a criticalStagefright vulnerability was revealed in the widely popular mobile platform, another new vulnerability threatens to make most Android devices unresponsive and practically unusable to essential tasks.

Security researchers at Trend Micro have developed an attack technique that could ultimately crash more than 55 percent of Android phones, almost making them completely unresponsive and useless to perform very basic functions, including to make or receive calls.

The dangerous security flaw affects any device running Android 4.3 Jelly Bean and later, including the latest Android 5.1.1 Lollipop, potentially putting hundreds of millions of Android users vulnerable to hackers.

The flaw surfaced two days after Zimperium researchers warned that nearly 950 Million Android phones can be hijacked by sending a simple text message. Dubbed Stagefright, the vulnerability is more serious because it required no end-user interaction at all to be exploited.

How to Exploit the Flaw?

A hacker can exploit the vulnerability in two ways:

• Through a Malicious Android App
• Through a Specially-Crafted Web Site

Most easy way to exploit the flaw is to lure a vulnerable Android phone to a booby-trapped website. Presumably, in this case, the phone can be revived by just restarting it.

However, the vulnerability if exploited by a malicious app can cause a long-term impact on the phone, according to a blog post published Wednesday by a researcher from security firm Trend Micro.

The malicious app can be designed in such a way that every time the phone is turned on, the app automatically start, causing the operating system to crash shortly after each restart.

This makes the device unresponsive, mute and useless, meaning no ringtone, message tone, or notification sounds will be heard. Neither the user can even receive or make calls.

Root Cause of the Vulnerability

The vulnerability actually resides in the mediaserver service used by Android to index media files located on the Android phone.

"[mediaserver] service cannot correctly process a malformed video file using the Matroska container (usually with the .mkv extension)," Trend Micro researcher Wish Wu wrote. "When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system)."

Researchers have also developed a proof-of-concept (PoC) malicious app that exploits the flaw. You can watch the given video that shows the exploit in work.

Security researchers reported the vulnerability to Google's security team in late May, but the team failed to patch the issue after classifying it as a low-level vulnerability.

Microsoft Windows 10 Privacy, headache extends to Gaming

Windows 10 launched nearly three weeks ago, and while millions of people are upgrading there have been a number of privacy concerns around the new OS. Default settings send information to Microsoft, enable bandwidth sharing to distribute updates to other Windows 10 users, and turn on a Wi-Fi password sharing feature. Mixed with Microsoft's forced automatic updates for Windows 10, a lot of the changes in this new free upgrade seem draconian at first glance. A lack of transparency from Microsoft has left privacy advocates wrestling the reality of the new features against the legal jargon hidden away in license agreements.

The latest example of this is a fresh concern that Windows 10 will disable pirated games. A report surfaced atAlphr last week, noting that Microsoft has updated its services agreement that you agree to when you use certain Windows 10 apps. It's a document that nobody ever reads and you just agree to. This is an agreement that covers Microsoft's services and apps like Skype or Xbox Live that run on top of Windows 10, not an End User License Agreement (EULA) that covers Windows 10 itself. The agreement now includes the following:

"We may automatically check your version of the software and download software updates or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorized hardware peripheral devices."

If you assume this applies to Windows 10 then it sounds like Microsoft is going to constantly scan your PC to make sure you don't have any illegal copies of Call of Duty. The reality is probably very different as this applies primarily to the services powering Windows 10. This agreement applies to Xbox and Xbox Live, so it's safe to assume Microsoft will continue issuing Xbox software updates that block certain peripherals and pirated games. The software maker has been doing this for years on the Xbox side, and it's unlikely the company would transfer such a complex disc-based detection system over to the PC.

This latest concern just highlights the complex nature of Windows 10 and a balance of legal requirements and product features. Windows 10 sharing your bandwidth to distribute updates in a BitTorrent-like fashion is something Microsoft should make clearer during installation, or just disable by default. On the other hand, the FUD (Fear, Uncertainty, and Doubt) around a Wi-Fi Sense feature is unnecessary noise that's generated by people who don't understand that it's not sharing all of your Wi-Fi passwords by default as you have to manually opt into every Wi-Fi network that you want to share to friends.

THERE ARE SOME GENUINE WINDOWS 10 PRIVACY CONCERNS

There should be concerns over some of Microsoft's policy wording and Windows 10 feature changes, though. Ars Technica's Peter Bright took the time to analyse the many privacy controls in Windows 10 that are designed to disable some of these controversial features that send data to Microsoft. Bright found that the controls "don't appear to be sufficient to completely prevent the operating system from going online and communicating with Microsoft's servers."

If you disable Windows 10's new Cortana assistant, Microsoft will still send a request to bing.com with a random machine ID to download a file with some Cortana information. Elsewhere, Windows 10 seems to transmit information a server related to OneDrive even when the feature is disabled and logins are using a local account that isn't connected to a Microsoft Account. It's not clear what is being sent, but it's obvious that Microsoft needs to address this as transparently as possible.

All of these changes in Windows 10, including baffling outrage over an ad-supported version of Solitaire that first debuted with Windows 8, are part of where Windows is headed. Windows 10 updates are being distributed weekly at the moment, and while that's a post-launch pace they're going to continue regularly. Microsoft is offering Windows 10 as a free upgrade, which also means the company has to find other ways to monetize Windows and tempt consumers into services and subscriptions. It's similar to how you might give up some personal information in exchange for free Google services. The similarities also mean Microsoft needs to find a balance, just like Google, that is transparent enough to prevent future Windows 10 privacy concerns.

Ransom ware attacks threatens to wearable smart watches and IOT

Are you a proud owner of a Smartwatch, a Smart TV, a Smart fridge, a Smart lock, an Internet enabled car, or live in a smart city?

Caution!

Recently, it has been reported that the growth of the Internet of Things would eventually lead to cyber criminals in making lots of money, as they started attacking the Internet of Things for Ransom.

Yes, the latest Interest of the cyber criminals in the field of Internet of Things is ‘Ransomware’.

Internet of Things (IoT) such as Android and iOS-based wearable Smartwatches and the concept of connected homes has now given a treat to the current generation Ransomware.

With the advancements in Technology, cyber criminals are simultaneously promoting themselves from the threat known for restricting computers or encrypting files and asking users for money in return for gaining back access to their systems.

From computers to mobile phones, now criminals are targeting the IoT and the wearables devices.

Security researchers at Symantec demonstrated how an Android Wear device might be impacted by typical Android ransomware.

In order to conduct this test, the researchers simply repackaged a current Android ransomware app (.apk file) – dubbed “Android.Simplocker”, inside a new Android Wear project.

Next, they took a Moto 360 Smartwatch and paired it with an Android phone. When they installed the new .apk file on the phone, they found that the phone became infected with the ransomware.

As the Smartwatch and an Android phone are required to be paired via Bluetooth for wireless connectivity, the ransomware also got pushed onto the smartwatch once the pairing of both the devices were done.

Once installed on the smartwatch, the malware could be easily activated by the user if they were tricked into running it, by clicking on a malicious app.

After installation, the ransomware will cause the smartwatch to become unresponsive and unusable!

Simplocker Android ransomware then checks for the display of the ransom message every second, and if it is not shown, will push it onto the screen again.

In addition, Simplocker encrypts a range of different files stored on the smartwatch’s SD card.

Now, you must be thinking of escaping from the situation?

You can recover from this situation, but unfortunately, it involves a factory reset of your smartwatch.

But there also stands a condition where the rebooting of the device through hardware buttons is possible, then quickly navigating to the factory reset setting (within 20-30 seconds) before the ransomware is rebooted.

According to Symantec, while this would erase all files on the smartwatch, those files would have been encrypted by the malware in the first place.

For this one needs to keep an updated backup.

No such ransomware has been seen yet, but the day is not far when this becomes a reality.

As, in the past it was evident how smart Televisions got attacked with the ransomware also IoT devices being remotely controlled by the attacker.

Therefore, the crux is that the users need to be more vigilant and even smarter than the technology they are dependent on.

How to Uninstall Windows 10 and downgrade to Windows 8 or 7

After the release of Windows 10, Millions of Windows 7, 8 and 8.1 users have upgraded their systems to Windows 10. Thanks to Microsoft's free system update.

Windows 10 inbuilt rollback vs. EaseUS System GoBack

Microsoft even offers Windows users with an opportunity to downgrade their computer to their previous version of operating system after an upgrade, but the opportunity lasts for only 30 days.

This is really cool, but what if you upgraded your system to Windows 10, used it for more than a month and then realized that it’s hard for you to adopt?

Now, How do you get your favorite Windows version back?

You don’t need to go through that lengthy procedure of downloading and installing the old Windows again to downgrade your system to the previous version.

I have a better and an easy solution to your problem.

You can now quickly go back to your previous Windows Operating System and restore all your old applications & games with just one click. Thanks to a new tool called EaseUS System GoBack Free.

EaseUS is well known for its Data Recovery and Backup software tools and now has came up with a new Free Windows rollback alternative that allows Windows users to safely downgrade their Windows 10 system to Windows 7, 8 or 8.1.

The free software tool creates an image of your old operating system to use it afterward if you decided to downgrade the latest Windows 10.

Quick Features of EaseUS System GoBack Free

• Protect your Windows 10 upgrade experience to avoid any data loss.
• Restore your old operating system, applications and games without reinstalling.
• Downgrade from Windows 10 to Windows 7/8/8.1 if necessary.
• Go back to the previous system station whenever you need.

There are numerous of backup software programs out there in the market that offer the same feature, but it is the simplicity of this software that makes it best among the others.

EaseUS System GoBack Free works on all versions of Windows operating system starting from Windows XP to Windows 7,8 and 8.1.

How to Downgrade Windows 10

1. Download 'EaseUS System GoBack Free' application from the developer website.
2. Install the software from Start Menu. Now, when you start the program you will notice only two options, “Backup System” and “Go Back”.
3. Click on “Backup System” before upgrading the operating system or rolling back to the previous system.
4. Now, if you want to go back to your previous operating system, just open the software and Click the “Go Back” option.

EaseUS System GoBack Free is just a one click process to get back to your old operating system, and you should consider it seriously before upgrading your system to Windows 10.

Note: The software works only when you run it prior to upgrading to Windows 10. You need to create a Backup of your old operating system using this program. Otherwise, you will not be able to go back to your previous OS using third-party software.

Incomplete Security patch !! Millions are Vulnerable

Wanna hack someone's Android smartphone by sending just an MMS message?

Yes, you can, because Google's patch for the Stagefright vulnerability in hundreds of Millions of Android devices is BUGGY.

Last week, Google issued an official patch for Stagefright vulnerability that affects 95 percent of Android devices running version 2.2 to version 5.1 of the operating system, an estimated 950 Million Android devices in use worldwide. But, the patch is so flawed that hackers can still exploit the Stagefright vulnerability (CVE-2015-3824) anyways.

"The [original] patch is four lines of code and was (presumably) reviewed by Google engineers prior to shipping," researchers at Exodus Intelligence wrote in a blog post published Thursday. "The public at large believes the current patch protects them when it, in fact, does not."

Buggy Patch Issued by Google

 

The patch doesn't fix the vulnerability, allowing booby-trapped MP4 videos that supplied variables with 64-bit lengths to overflow the buffer and crash the smartphone when trying to open that multimedia message. The firm notified Google of the issue on August 7th, two days after their Stagefright presentation at the Black Hat conference, but it didn’t receive any reply from the company regarding their release of an updated fix.

Therefore, the firm released code showing how to crash the smartphone exploiting Stagefright vulnerability because the search giant is still "distributing the faulty patch to Android devices via over-the-air updates." The flawed patch has been assigned the vulnerability identifier CVE-2015-3864, according to the Exodus researchers, but at the moment it is hard to say when a right fix for the loophole will be available.

"Google employs a tremendously large security staff, so much so that many members dedicate time to audit other vendor's software," but if it can't "demonstrate the ability to successfully remedy a disclosed vulnerability affecting their own customers then what hope do the rest of us have?," the Exodus researchers wrote.

When reached out for comment, a Google spokesperson confirmed the findings and said the company had distributed the second patch to its OEM partners, however, its own Nexus 4/5/6/7/9/10 and Nexus Player will receive the patch as a part of its September patch update.

So, in order to get rid of this problem, you need to keep an eye for this new patch to fix the old flawed-patch.