Mobility_report_07_2016_public
Enterprise Mobility Report 07/2016

Creation date: 11.8.2016
Author: System4u, s.r.o.

Enterprise Mobility Report July 2016

Content
Introduction
iOS: Vulnerability
Android: Vulnerability
Blackberry: Vulnerability
Windows Phone: Vulnerability

System4u s.r.o., Křížová 18, 603 00, Brno, Czech Republic
Tel.: +420 543 210 522, E-mail: [email protected], www.system4u.cz
IČ (company ID): 26945231, DIČ (VAT ID): CZ26945231
Registered in the Commercial Register at the Regional Court in Brno, Section C, File 47320.

Introduction

This is the public version of System4u's Enterprise Mobility report. Here you can find news about the security of the iOS, Android, Blackberry and Windows Phone operating systems. We also cover the EMM solution MobileIron in this report; other EMM solutions will come in the future.
The full version of the report is issued for our customers and subscribers. It contains not only the security news, but also interesting articles, links from the enterprise mobility world and recommendations to mitigate the vulnerabilities.

iOS

Vulnerability

Apple has just released iOS 9.3.3 for iPhone, iPad and iPod touch. The new software update is by no means as interesting or as feature-rich as iOS 10, due to be released publicly in the fall, but it includes some important bug fixes and performance improvements for iOS users.

A flaw in the way Apple software handles images allows hackers to take over an iPhone, iPad, Apple Watch, Mac or Apple TV with a simple iMessage or email. The vulnerability in Apple's picture-handling Image I/O API means that a malicious Tagged Image File Format (TIFF) file can force a so-called buffer overflow, which allows a hacker to break through Apple's security and run their own code on a device.

Tyler Bohan from security firm Cisco Talos said: “This vulnerability is especially concerning as it can be triggered in any application that makes use of the Apple Image I/O API when rendering tiled TIFF images.”

Most apps on an iPhone, for instance, use the Image I/O API to render pictures, including Messages, MMS, Safari, Mail and others, leaving them all vulnerable to this attack. You should install iOS 9.3.3.

Site: support.apple.com, itcomputersupportnewyourk.com

Android

Vulnerability

In the July 2016 security bulletin, Google has released patches for Android to protect users against numerous security vulnerabilities.
The most severe security weakness is a critical flaw in Mediaserver, which could enable hackers to access an Android device through email, web browsing, and MMS when processing media files. Google is not currently aware of any instance of these vulnerabilities being exploited in the wild. Google recommends that you accept the update as soon as you receive the notification on your Android device.

Samsung has published the July security patch bulletin ahead of Google, listing all the vulnerabilities that have been addressed as part of the latest release. As well as 44 Google security patches, Samsung also noted four of its own that have been patched.

MIUI is the flavor of Android (currently based on Android 6.0) developed by Xiaomi. While developed primarily for use on Xiaomi's own devices, MIUI builds are freely available for numerous devices from other vendors. Xiaomi is currently the third-largest smartphone manufacturer in the world, behind Samsung and Apple, in terms of devices shipped. More than 70 million devices were delivered in 2015, and many millions of these may be impacted by this vulnerability. The vulnerability we discovered allows for a man-in-the-middle (MitM) attacker to execute arbitrary code as the highly privileged Android system user. It has been remediated by Xiaomi from MIUI Global Stable version 7.2, and IBM strongly recommended that users update their firmware as soon as possible to ensure they are not vulnerable.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, Google has released a security update to Nexus devices through an over-the-air (OTA) update. The Nexus firmware images have also been released to the Google Developer site.
The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.

A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks. The Trojan app is called SpyNote and allows hackers to steal users' messages and contacts, listen in on their calls, record audio using the device's built-in microphone, control the device camera, make rogue calls and more. According to researchers from Palo Alto Networks, SpyNote does not require root access to a device, but does prompt users for a long list of permissions on installation. The Trojan can also update itself and install other rogue applications on the device. It is not yet clear how attackers intend to distribute it to victims, because researchers haven't observed attacks in the wild using it. However, they believe that such attacks are very likely given that the SpyNote builder is now available for free.

Online security company Proofpoint has found infected knockoff copies of the newly released mobile game. They identified an Android application package of Pokémon GO that carried malicious software that, when downloaded, would give hackers remote-control access to your device. The infected version of the mobile game installs a remote access tool (RAT) called DroidJack on your phone. From here attackers can seize control of your device and harvest personal information by tracking your movements. Malicious activity could include stealing your passwords and credit card numbers, silently installing further viruses and recording video, all without your knowledge.

Site: securitylondonmagazine.com, www.androidcentral.com, news.softpedia.com, https://source.android.com, threatpost.com, www.scmagazine.com, http://www.mirror.co.uk

Blackberry

Vulnerability

BlackBerry has started rolling out the July 5 security patch to its Android smartphone Priv. The July 1 security patch is partial whereas the July 5 security patch is complete with all the fixes, so it's good to see BlackBerry rolling out the latter in July instead of waiting until next month. The vulnerabilities posted by BlackBerry on its security bulletin are similar to the ones posted by Google on its security bulletin (Priv runs on Android, remember?). Some of the vulnerabilities fixed by BlackBerry with this security patch are:

- Remote Code Execution Vulnerabilities in Mediaserver
- Remote Code Execution Vulnerability in OpenSSL & BoringSSL
- Remote Code Execution Vulnerability in Bluetooth
- Elevation of Privilege Vulnerabilities in Mediaserver
- Denial of Service Vulnerabilities in Mediaserver
- Elevation of Privilege Vulnerability in NFC

Blackberry announces the world's most secure Android smartphone – DTEK50

Former mobile phone giant BlackBerry has announced it will cease manufacturing its BB 10-powered BlackBerry Classic smartphone. Though BlackBerry said that it will continue to support BlackBerry 10 devices through software updates, with version 10.3.3 scheduled for next month and another one next year, the fact that the company is killing one of its flagship designs seems a symbolic move.

Site: support.blackberry.com

Windows Phone

Vulnerability

No vulnerabilities this month.