I just read about it on The Register...
http://www.theregister.co.uk/2015/10/01/stagefright_two_point_oh_android
the writers of that article are a bit off.. technically, its stagefright 3.0 http://www.theverge.com/2015/10/1/9431677/stagefright-android-attack-vulnerability-patch-audio-file
how can i know if im vunreable?
torecdude said:
how can i know if im vunreable?
Click to expand...
Click to collapse
thetes a stagefright detector app. if on the very latest android, youll be fine. if not, time to update.
Oh god, this will never end.
Sent from my Nexus 6
simms22 said:
thetes a stagefright detector app. if on the very latest android, youll be fine. if not, time to update.
Click to expand...
Click to collapse
Uh, no. It hasn't been patched yet. Hopefully will be in the Marshmallow rollout, assuming that incorporates what would have been the monthly security patch for October.
Meanwhile, the detector app does not yet test for this new potential exploit.
So as of this moment, almost everyone is vulnerable.
https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media/
boomerbubba said:
Uh, no. It hasn't been patched yet. Hopefully will be in the Marshmallow rollout, assuming that incorporates what would have been the monthly security patch for October.
Meanwhile, the detector app does not yet test for this new potential exploit.
So as of this moment, almost everyone is vulnerable.
https://blog.zimperium.com/zimperium-zlabs-is-raising-the-volume-new-vulnerability-processing-mp3mp4-media/
Click to expand...
Click to collapse
Yeah, was gonna say... I am running Pure Nexus, and Beans was planning to put a patched build out a day ago or so... but said the patch was not going to be released until like the 5th I wanna say?
Have there been reports of stage fright in the wild yet? I'll admit I've been lazy on this one... need to go read up on how it works instead of having bloggers tell me the horrors of what it can do.
scryan said:
Yeah, was gonna say... I am running Pure Nexus, and Beans was planning to put a patched build out a day ago or so... but said the patch was not going to be released until like the 5th I wanna say?
Have there been reports of stage fright in the wild yet? I'll admit I've been lazy on this one... need to go read up on how it works instead of having bloggers tell me the horrors of what it can do.
Click to expand...
Click to collapse
These are potential threats that are extremely hard to exploit. But since it is possible to exploit, it has to be patched. But al least it's not a troian you download from the official Apple Store that was supposed to be checked for spyware.
Zimperium has now updated its app in the Play Store to include the two newly reported vulnerabilities. (Stagefright Detector v 5.0) It does show me as vulnerable on both. I am still awaiting the new October security OTA from Google, and will retest after I get it.
boomerbubba said:
Zimperium has now updated its app in the Play Store to include the two newly reported vulnerabilities. (Stagefright Detector v 5.0) It does show me as vulnerable on both. I am still awaiting the new October security OTA from Google, and will retest after I get it.
Click to expand...
Click to collapse
Just checked my stock Marshmallow and it's safe.
Related
Just curiosity: Are people that are reporting "bugs" (though to me it sounds like apps that need to be updated for full compatibility with Froyo) running the OTA updated 2.2, or manually updated 2.2?
Edit: Changed name to Froyo(HACK) as recommended by someone since no one seems to be running a genuine OTA updated Froyo
Manually-updated using the official signed update from Google, for me. I don't have most of the bugs that have been reported here; the only one I'm currently aware of is that two applications I updated via the market this morning are no longer shown in the "Downloads" list, although they are labeled as "installed" when I search for them in the market. Other than that, no problems here.
crackness said:
Just curiosity: Are people that are reporting "bugs" (though to me it sounds like apps that need to be updated for full compatibility with Froyo) running the OTA updated 2.2, or manually updated 2.2?
Click to expand...
Click to collapse
No one on the entirety of XDA has upgraded via the OTA update. Everyone hacked.
(The OTA was press-only for people who attended Google I/O.)
Paul22000 said:
No one on the entirety of XDA has upgraded via the OTA update. Everyone hacked.
(The OTA was press-only for people who attended Google I/O.)
Click to expand...
Click to collapse
Ahhh.... I thought that was only speculation :/
/trying my hardest not to ***** and moan...
Paul22000 said:
No one on the entirety of XDA has upgraded via the OTA update. Everyone hacked.
(The OTA was press-only for people who attended Google I/O.)
Click to expand...
Click to collapse
Exactly.. About time more people acknowledged this.
logger said:
Exactly.. About time more people acknowledged this.
Click to expand...
Click to collapse
I understand what you're saying.
However Google have released an OTA update to the MEDIA!
They'll grab this with both hands and show how the NEW messiah has fallen over again and how we should have all bought iPhones.....
I do believe this Froyo is HIGHLY unpolished and very dissapointing. It should have been released when it was fully ready.
I'm desperately trying to get back to CM but it seems to have screwed my phone and I'm stuck........
wmm said:
Manually-updated using the official signed update from Google, for me. I don't have most of the bugs that have been reported here; the only one I'm currently aware of is that two applications I updated via the market this morning are no longer shown in the "Downloads" list, although they are labeled as "installed" when I search for them in the market. Other than that, no problems here.
Click to expand...
Click to collapse
The market problem has a fix in this thread:
http://forum.xda-developers.com/showthread.php?p=6572697#post6572697
google needs to provide an official fix for the issue so we don't have to use the hack one
punk4bc said:
The market problem has a fix in this thread...google needs to provide an official fix for the issue so we don't have to use the hack one
Click to expand...
Click to collapse
yoo mean a hack for a hack
I think I'll just wait for the official Google OTA.
Good thing that people around here are chasing up all the last minute bugs for Google though. I am sure they would prefer to see them now rather than after releasing it to the general public.
logger said:
yoo mean a hack for a hack
I think I'll just wait for the official Google OTA.
Good thing that people around here are chasing up all the last minute bugs for Google though. I am sure they would prefer to see them now rather than after releasing it to the general public.
Click to expand...
Click to collapse
good point lol
I'm waiting for the official Google too
Yeah I updated with Paul's version and I would have stayed on froyo but having annoying camera bugs.
I dont think Google meant this as an actual release since you Market isn't allowing protected apps etc with the froyo fingerprint. etc.
So i'm back on Cyan and all is well with the world.
I did however keep the newer radio to test it out.
It would be great if someone around here could change EVERY thread title that mentions this version to FROYOHACK so that once the real official one is released, we dont have to wade through all this pre-release BS. I know it is not possible but just thought.
What were your camera bugs?
I did Paul's too and mine worked 100%. Still have the new radio and according to speed tests it is doing better than the old one
punk4bc said:
What were your camera bugs?
I did Paul's too and mine worked 100%. Still have the new radio and according to speed tests it is doing better than the old one
Click to expand...
Click to collapse
I've posted it in the general forum. QIK app didn't work and if you use the stock camera app and slide to the camcorder then BACK to the camera, N1 would crash.
I posted the logcat and it appears there are some incompatibilities somewhere deep. I tried every kind of wipe and 'band-aid' that I could to get it working and failed miserably.
But I figured since i'm on an AT&T N1 that this release wasn't intended for me and there must be some kind of subtle differences.
*shrug* we'll see.
wmm said:
Manually-updated using the official signed update from Google, for me. I don't have most of the bugs that have been reported here; the only one I'm currently aware of is that two applications I updated via the market this morning are no longer shown in the "Downloads" list, although they are labeled as "installed" when I search for them in the market. Other than that, no problems here.
Click to expand...
Click to collapse
One thing I have learn is a app has a widget and it is moved to the sdcard it will show install but not show. I moved these to the phone and they show now.
logger said:
It would be great if someone around here could change EVERY thread title that mentions this version to FROYOHACK so that once the real official one is released, we dont have to wade through all this pre-release BS. I know it is not possible but just thought.
Click to expand...
Click to collapse
Hey thanks MOD (or whoever did it) for renaming the thread. Excellent Job...
I don't know if it's a bug, but I can't find FM radio anywhere... and I believe it was announced.
logger said:
Hey thanks MOD (or whoever did it) for renaming the thread. Excellent Job...
Click to expand...
Click to collapse
Hah, as OP, I changed it. I didn't realize (though I had read it somewhere else) that the only people who got the OTA update were press/developers who went to I/O.
FOR THOSE JUST READING NOW: According to Paul (and where ever else I read online), anyone else with Froyo updated manually, so take current issues with a grain of salt.
Deusdies said:
I don't know if it's a bug, but I can't find FM radio anywhere... and I believe it was announced.
Click to expand...
Click to collapse
The FM radio stuff was never announced OFFICIALLY. I do remember it being something rumored, but I don't ever remember Google saying it was an addition to Froyo. AND, even if it was announced, read my reiteration above about no normal consumers having the Official OTA update to Froyo.
ibegary said:
I've posted it in the general forum. QIK app didn't work and if you use the stock camera app and slide to the camcorder then BACK to the camera, N1 would crash.
I posted the logcat and it appears there are some incompatibilities somewhere deep. I tried every kind of wipe and 'band-aid' that I could to get it working and failed miserably.
But I figured since i'm on an AT&T N1 that this release wasn't intended for me and there must be some kind of subtle differences.
*shrug* we'll see.
Click to expand...
Click to collapse
I running Froyo on the AT&T Nexus on Telus here in Canada and so far I am having no issues, maybe some app that you installed is causing the crash...weird tho.
crackness said:
Hah, as OP, I changed it. I didn't realize (though I had read it somewhere else) that the only people who got the OTA update were press/developers who went to I/O.
FOR THOSE JUST READING NOW: According to Paul (and where ever else I read online), anyone else with Froyo updated manually, so take current issues with a grain of salt.
Click to expand...
Click to collapse
Sort of ironic now, that people will avoid this thread in favour of ones without HACK in the title, as they will not want to accept that they have a hacked version on their device You cant win I guess.
Better late than never. It's 252.87 MB. No documentation of it yet on AT&T's software-update page, but that should be coming soon.
Gary02468 said:
Better late than never. It's 252.87 MB. No documentation of it yet on AT&T's software-update page, but that should be coming soon.
Click to expand...
Click to collapse
Thanks! I was wondering when this was going to be released, especially when I saw that Google just released the November update for Nexus devices. Like you said, better late than never...
PJ4 update
New update. I downloaded last night. It adds something called Fullscreen? Any one else got any news on what changed? Says security patch level is October 1, 2016. Was about 250MB
Trying to figure that out to. Cant find any Changlog for this
Turned on the advanced messaging again for me. I turned it off since it wasn't working properly. Maybe it's fixed now.
evilvoice said:
New update. I downloaded last night. It adds something called Fullscreen? Any one else got any news on what changed? Says security patch level is October 1, 2016, so it isn't that. Was about 250MB
Click to expand...
Click to collapse
Where did you find a "Fullscreen" option and what would that be for? HMMMM
iteam said:
Where did you find a "Fullscreen" option and what would that be for? HMMMM
Click to expand...
Click to collapse
On this update they added a Fullscreen app which is pretty much pointless. Heres some photos of it:
I agree pointless
marcusva79 said:
On this update they added a Fullscreen app which is pretty much pointless. Heres some photos of it:
I agree pointless
Click to expand...
Click to collapse
LOL LMFAO!!! What 'da hell is that crap lol:silly:
Great another useless app baked in that takes up space and needs to be DISABLED IMMEDIATELY!!!!!
Any change to the modem/better signal strength? PI2 has been crap
evilvoice said:
New update. I downloaded last night.
Click to expand...
Click to collapse
Yes, a thread was started here yesterday afternoon about the update.
Here is the current update: Android 6.0.1 Marshmallow
The details
Release date: November 8, 2016
Android version: 6.0.1
Security patch level (SPL): October 1, 2016
Baseband version: G935AUCU4APJ4
Kernel version: 3.18.20-9439621
Build number: MMB29M. G935AUCS4APJ4
File size: 285MB
The updates
What's new: Full Screen – Mobile Video Service and Android device security enhancements
What's changing: Improved volume for Enhanced Push To Talk (ePTT) and fix for calls failing to go to Voice Mail when calling non LTE devices
What's going: Milk Music
Via AT&T
I just recently switched to the T-Mobile FW and shoot the service has been tons better. Its only been 5 hrs but damn. Also there secuirty patch is in Nov already. Bad thing is Wifi Calling doesnt work. Says invalid SIM
Yep
Hello, could, or anyone uploaded this firmware in this page, because I can not update by OTA, only for odin,
thanks.
English sponsored by the Google translator. :good:
Can we still root if we are on PJ4?
***YES WE CAN!!***
I wish AT&T would give us the performance updates that Samsung released a couple months ago. We just keep getting security updates and more crap software.
dragunbayne said:
I wish AT&T would give us the performance updates that Samsung released a couple months ago. We just keep getting security updates and more crap software.
Click to expand...
Click to collapse
Performance update? Where did you see this?
Sent from my SAMSUNG-SM-G935A using Tapatalk
rbedell said:
Performance update? Where did you see this?
Sent from my SAMSUNG-SM-G935A using Tapatalk
Click to expand...
Click to collapse
You know what? I'm not sure now. I could've sworn I read an article saying there was, now the only reference I find is for T-Mobile S7's getting a performance update.
I was on rooted stock PI2 and accidentally said OK to the OTA and it sent my phone into bootloop. Had to start from scratch.
Is the current root stable enough to use as a daily driver?
Sent from my SAMSUNG-SM-G935A using XDA-Developers mobile app
Just for info
New update to Essential Services on playstore now, 2nd October.
Anybody know what the Services are for?
Edit: Says Bug and performance fixes. Maybe firmware related?
I just got my essential phone off of swappa and it's running build "NMI75B test-keys". For some reason I am unable to update any system apps via the play store while on this build. Camera, Essential Resources, and Essential Services are all showing updates available, but every time I've tried to download them I get error code 505. I think there is something with this test build firmware that is preventing me from updating system apps via the play store. Every other app (150+) that I have installed has worked flawlessly.
xphyle1971 said:
I just got my essential phone off of swappa and it's running build "NMI75B test-keys". For some reason I am unable to update any system apps via the play store while on this build. Camera, Essential Resources, and Essential Services are all showing updates available, but every time I've tried to download them I get error code 505. I think there is something with this test build firmware that is preventing me from updating system apps via the play store. Every other app (150+) that I have installed has worked flawlessly.
Click to expand...
Click to collapse
NM164C is current official build I think. At least on mine.
Found this in a Reddit post:
u/marcus-essential
Sep 27, 2017, 2:59 PM
Build NMI75B is not an official build from Essential. The device in reference from the XDA link is using incremental beta SW in test - 64C is the official release build at this time but we will be releasing another public SW update within the next few weeks. Stay tuned.
Sent from my PH-1 using Tapatalk
dpackerz said:
NM164C is current official build I think. At least on mine.
Found this in a Reddit post:
u/marcus-essential
Sep 27, 2017, 2:59 PM
Build NMI75B is not an official build from Essential. The device in reference from the XDA link is using incremental beta SW in test - 64C is the official release build at this time but we will be releasing another public SW update within the next few weeks. Stay tuned.
Sent from my PH-1 using Tapatalk
Click to expand...
Click to collapse
Yeah I saw that thread. It doesn't explain why some phone inexplicably updated to this test keys build tho. I'm waiting to hear back from support on the matter. I just want to make sure I'm able to receive all future updates.
Anyone noticing better viewing angles on the display after this update?
dnmorenof said:
Anyone noticing better viewing angles on the display after this update?
Click to expand...
Click to collapse
Are u joking?
dnmorenof said:
Anyone noticing better viewing angles on the display after this update?
Click to expand...
Click to collapse
Not quite, but the back seems be more scratch resistant now.
johnny8910 said:
Just for info
New update to Essential Services on playstore now, 2nd October.
Anybody know what the Services are for?
Edit: Says Bug and performance fixes. Maybe firmware related?
Click to expand...
Click to collapse
This should answer your question
https://www.reddit.com/r/essential/..._with_essential_team_wednesday_121pm/dnwqgp2/
JCBomb said:
Not quite, but the back seems be more scratch resistant now.
Click to expand...
Click to collapse
It may be just me, but the screen also seems larger now.
I have build number NMI30E. Is this the current build?
networx2002 said:
I have build number NMI30E. Is this the current build?
Click to expand...
Click to collapse
NMI81C is current.
Sent from my PH-1 using Tapatalk
It fixes the BlueBorne vulnerability, thankfully. I can use my phone with my motorcycle helmet bluetooth communicator again...
Nothing on me.
Anybody?
Got my update yesterday as well. Never had blue-tooth issues for me, but I only use it in my car. Everything else seems fine. Haven't had an OTA issue yet with my S7. They've all been smooth.
do u means this?
Software Version: NRD90M.G930VVRU4BQH4
this is not include BlueBorne ^^
mjmjhkgh said:
do u means this?
Software Version: NRD90M.G930VVRU4BQH4
this is not include BlueBorne ^^
Click to expand...
Click to collapse
That is what I have. Before install the Blueborne scanner showed my phone as vulnerable. After the update, no longer vulnerable. They must have patched it but not referred to it by name.
Drunkula said:
That is what I have. Before install the Blueborne scanner showed my phone as vulnerable. After the update, no longer vulnerable. They must have patched it but not referred to it by name.
Click to expand...
Click to collapse
Thanks about good info.
is this patch include Blueborne or not? ^^
mjmjhkgh said:
Thanks about good info.
is this patch include Blueborne or not? ^^
Click to expand...
Click to collapse
He just said yes.
iBolski said:
Got my update yesterday as well. Never had blue-tooth issues for me, but I only use it in my car. Everything else seems fine. Haven't had an OTA issue yet with my S7. They've all been smooth.
Click to expand...
Click to collapse
Blueborne is not a bluetooth issue. It's a devastating security vulnerability.
https://www.armis.com/blueborne/
Do you run Nougat at 1440p or default 1080p? I tried 1440p for a few days, and it was dropping frames like crazy, so I downgraded to Marshmallow. Now I want to upgrade due to Blueborne.
Just updated. Can confirm armis blueborne app shows it is patched even though update is not september security patch.
https://www.verizonwireless.com/support/samsung-galaxy-s7-update/
Just received Google March Security Patch for my Mate 9. Live in SF. Impressive that update came so fast. Hopefully, Hauwaei realizes how important it is to continue to fix bugs, add security.
Phone is impressive, especially battery power. Never had a phone, being power user, that goes all day and still 50% at night. Beautiful screen, fast, storage.
Got the update about a week ago, nice to see updates still coming. Located in Canada.
Got it on the 12th. Hope the updates continue.
I had the update waiting for a few days, but due to having TWRP, I couldn't install it. Flashed the stock recovery yesterday and updated. The April update is already on FF so hopefully Huawei will continue to push out updates in a timely fashion
Okiera29 said:
I had the update waiting for a few days, but due to having TWRP, I couldn't install it. Flashed the stock recovery yesterday and updated. The April update is already on FF so hopefully Huawei will continue to push out updates in a timely fashion
Click to expand...
Click to collapse
Hope you're right. Continuous updates would give US customers confidence in brand & counter negative publicity by right wingers, who are only concerned with protecting US commerce, not security.
Nice to know April is in FF, and as you said hopefully be pushed out OTA to us.
Can you tell what was the size of update?
Astra1 said:
Can you tell what was the size of update?
Click to expand...
Click to collapse
I believe it is 286K.
Astra1 said:
Can you tell what was the size of update?
Click to expand...
Click to collapse
On the firmware database it shows b367 as 2.3 GB
Here is the update I got
yeah, that is the OTA update they are pushing out, but the next update is already on the TeamMT website. It is listed as 8.0.0.367
http://pro-teammt.ru/firmware-database/?firmware_model=mha-l29c567&firmware_page=0
Okiera29 said:
yeah, that is the OTA update they are pushing out, but the next update is already on the TeamMT website. It is listed as 8.0.0.367
http://pro-teammt.ru/firmware-database/?firmware_model=mha-l29c567&firmware_page=0
Click to expand...
Click to collapse
Anyone know what's in the 367 release?
tboooe said:
Anyone know what's in the 367 release?
Click to expand...
Click to collapse
"Integrates Google security patches released in Apr 2018 for improved system security."
Sent from my MHA-L29 using XDA Labs
If the April patch (USA version) works like the March version, I'm guessing early May to be approved.
FF shows it, but not available, EMUI update shows no updates, so I'd guess it will be a few more weeks
for most people unless you want to jack with the phone a bit.
Buggy
I updated my Mate 9 to the March Security Update a few weeks ago, and ever since then, a few apps have been crashing on startup. Google keep, Gmail, etc. It doesn't say anything after when crashing. And it's annoying as hell.
Got April tonight
Sent from my Huawei Mate 9 using XDA Labs