Rooting (that is, using a security flaw to gain control over an operating system) is a staple of the Android enthusiast world, but it’s also used by would-be attackers… and Google just offered a textbook example of this problem. It’s warning of a vulnerability in Android’s Linux-based kernel that lets apps get root access, giving intruders free rein over your device. And this isn’t just a theoretical exercise — Zimperium (which discovered the Stagefright bug) says it has spotted publicly available apps that make use of the hole.
The good news? Fixes are coming quickly, at least for some users. If you’re using the AOSP version of Android, you can install a patch right now. You’ll have to wait if you’re using other releases, but a fix is coming in Google’s next monthly security update, which hits April 2nd.
Submitted by: Arnfried Walbrecht