Google Rebuilt the Android Media Stack To Prevent Another Stagefright

Reader Trailrunner7 writes: Android Nougat is bringing with it a slew of security improvements, many of them under the covers, and the one that likely will have the biggest long-term effect is the major rebuilding effort Google undertook on the media stack. That component of the operating system is meant to process audio and video, and it's been a weak spot in Android. The media stack includes the mediaserver process, which is used by a number of apps on Android devices. Researcher Josh Drake last year discovered a critical vulnerability in the libstagefright function in the media stack, which could allow an attacker to get complete control of a target device by sending a malicious MMS message. The Stagefright vulnerability is among the more widespread and dangerous flaws to affect Android, and though Google patched it last year, the company decided to take a more systemic approach to the problem in Nougat. Rather than addressing vulnerabilities on a case by case basis, Google implemented technologies to prevent a large group of bugs.

Re:Read as: Google fails to patch Stagefright

[EndlessNameless]

Rearchitecting a product so that it is inherently less vulnerable is exactly what every software developer should be doing.

Taking a stab at Google over this is something only an idiot would do.