Android? Using MP3 and MP4? If Yes - Implement white-list NOW!


#1

This is as nasty as bugs get. You can expect more changes in the white-list protocol, plugin and CSP. Save yourself some work and headache. Learn about white-listing NOW, because your going to change your plugin – very, very soon, and you will want to up your game.

FWIW: If you do a blog post on this, let me know - I’ll circulate your blog post. Also, I am not regular on this forum. You can find me on Google Groups.

A billion Android devices vulnerable to hack via Stagefright 2.0 bug
http://www.cnbc.com/2015/10/02/a-billion-android-devices-vulnerable-to-hack-via-stagefright-bug.html

Zimperium zLabs is Raising the Volume: New Vulnerability Processing MP3/MP4 Media.
https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media

Best of Luck
Jesse