A denial-of-service vulnerability we recently disclosed to Google can do exactly that and more. Designated as CVE-2017-0780, we’ve confirmed it to be in the latest Nexus and Pixel devices. The security flaw can let attackers illicitly and remotely crash their victims’ Android Messages app by sending a malformed multimedia message (MMS). The app will also be incapable of recovering from the crash even if the device/system is rebooted or booted in safe mode.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-0780-denial-service-vulnerability-android-messages-app/
沒有留言:
張貼留言