Apple World Today has broached the topic of operating system fragmentation before. iOS is an example of a mobile operating system that doesn’t suffer from fragmentation, as the vast majority of the devices in the field run either iOS 8 (85 percent) or iOS 7 (13 percent). In the world of Android, only 12.4 percent of users are using the most recent versions known as “Lollipop”. Why the difference in operating system uptake? Android handset manufacturers are loath to change the loaded OS version since that will affect the “bloatware” apps that they install. Some recently discovered Android vulnerabilities are pointing out how fragmentation could make it very difficult for Google to protect users from exploits that can “brick” smartphones and tablets with something as simple as an MMS message.
The “Stagefright” vulnerability has been fixed by Google in the most recent versions of Lollipop, but close to 95 percent of devices don’t run that version of the OS — that’s close to 950 million devices. Stagefright is an Android system service that processes media formats, and the new exploit takes advantage of the service. Through one attack method, attackers would only need the mobile number of a user and send a special media file send via MMS. Once received, the message could remotely execute code, even deleting the message before a user sees it.
Tie this in with another recently discovered Android vulnerability that can essentially “brick” a device by installing a malicious app or pointing a device to a hacker’s website, and the platform could be in serious trouble.
Our take on the news:
Be very, very glad you own and use iOS devices. Apple’s control of both the hardware and software has made OS fragmentation a non-issue for the mobile platform, meaning that any discovered vulnerability can be patched and distributed to almost every user in a very short amount of time. Android users, many of who can’t update to the latest OS version thanks to limitations devised by handset makers, aren’t so lucky.