This new version of the Stagefright bug is able to enter arbitrary code into Android devices via specially made MP3 or MP4 files. These two vulnerabilities together are what make the bug dangerous. The first vulnerability can affect any Android device since the operating system’s creation and the bug has been confirmed as working on Android 5.0 and later, reports PC Magazine.
This isn’t Android owners’ first run-in with the Stagefright bug and it won’t likely be their last. Researchers are still looking at the vulnerability and several have found different ways to use it to exploit devices. Google is working on a patch to fix the current problems, but it won’t likely stop newer exploits that are being discovered, PC Magazine notes.
Google is planning to release the patch to fix the new Stagefright bug on Oct. 5. The patch will be available for its own Nexus devices. It has also provided the patch to other smartphone makers that use Android. However, it will be up to these manufacturers to handle sending the patch out to their devices, reports Motherboard.