For the second time this week, security researchers have given Android users something to worry about.
On Thursday, researchers at Trend Micro announced they ve discovered a flaw that could render an Android device unusable. The vulnerability affects more than half of the Android gadgets currently used by consumers, they said.
Although the security company reported the vulnerability to Google back in May, the company has designated the problem a low priority and has yet to issue a fix, Trend Micro said.
The vulnerability is the second major one concerning Android to come to light recently. Earlier this week, security researcher Joshua Drake unveiled a flaw that could allow bad actors to hack into an Android phone with a simple — and sometimes undetectable — multimedia text. That vulnerability, dubbed Stagefright after the multimedia software that is exploited by it, affects an estimated 950 million Android devices.
The new flaw that was discovered by Trend Micro affects Android devices running versions of the operating system from 4.3 Jelly Bean through the current 5.1.1 Lollipop. Its similar to the Stagefright bug in that it also affects how Android devices handle videos and other media files. In this particular case, though, the vulnerability involves the use of a defective MKV file, a format frequently used for videos. If the the MKV file is set to automatically start whenever the device boots up, it will cause Android service that handles videos to crash and will also cause the entire device to become unreponsive or even crash itself.
Trend Micro demonstrated that the faulty MKV file could be delivered via an app or a through a Web page with similar results.
The security company said that Android users can protect their devices from the threat through using anti-malware apps including — surprise, surprise! — its own. Consumers whose devices have been compromised by the bug can potentially delete it by booting their devices in safe mode, the researchers said.
Photo: A person costumed as the Android operating system mascot stands at the Google headquarters in Mountain View in 2013 (AP Photo/Marcio Jose Sanchez).
