In July 2015, there was a potential exploit which was found for Android OS where a video sent through MMS offer access to the hacker. Now with the Google Hangouts app managing all the Messages, the video would get processed automatically and the device could be attacked. Following the news Google started pushing updates to the Nexus series and few other manufacturers have also rolled out the update to their devices.
Now we have Stagefright 2 which was discovered by Trend Micro which allows the hacker to run any of their own codes on the Android Devices. It is another media server vulnerability which can be used to perform attacks with the exploits. Again it is applicable to all the Android devices running on version 2.3 to Lollipop 5.1.1.
How it Works
First this vulnerability involves AudioEffect which is a component of the media server program. The program convinces the user to install an application which does not require any permissions. Read more at Trend Micro Blog
