Ars reports on a serious Android exploit to be disclosed at the upcoming BlackHat:
Almost all Android mobile devices available today are susceptible to hacks that can execute malicious code when they are sent a malformed text message.
The vulnerability affects about 950 million Android phones and tablets, according to Joshua Drake, vice president of platform research and exploitation at security firm Zimperium. It resides in "Stagefright," an Android code library that processes several widely used media formats. The most serious exploit scenario is the use of a specially modified text message using the multimedia message (MMS) format. All an attacker needs is the phone number of the vulnerable Android phone. From there, the malicious message will surreptitiously execute malicious code on the vulnerable device with no action required by the end user and no indication that anything is amiss.
(Score: 0) by Anonymous Coward on Tuesday July 28 2015, @06:39PM
I'm sure the courts would just say that its the customers' fault for continuing to use the phone beyond its EOL, and that they acquiesced to the risks by not buying newer model.