Google patches second round of Stagefright flaws in Android
Google has issued patches for two new Stagefright-related vulnerabilities, one of which affects Android versions going back to 2008 and puts millions of users at risk.
The flaws were found by security company Zimperium, which also unearthed the original Stagefright flaws in April.
In an advisory Monday, Google said it didn’t appear that attackers have started exploiting the vulnerabilities yet.
The latest flaws are only slightly less dangerous than their predecessors, which allowed a device to be compromised merely by sending a specially crafted multimedia message (MMS). An attacker needed only to know the victim’s phone number.