Mobile Threat Catalogue

Arbitrary Code Execution via Malicious File

Threat Category: Mobile Operating System

ID: STA-3

Threat Description: Vulnerabilities in how various file types (e.g. graphic, audio, font, X.509 certificate) are handled by any software running on a mobile device (e.g. mobile apps, mobile OS, native or 3rd party software libraries, device drivers, mobile OS kernel) may allow an attacker to craft a malicious file that, when processed, results in code execution in the context of the vulnerable component.

Threat Origin

Not Applicable, See Exploit or CVE Examples

Exploit Examples

TALOS Vulnerability Report [1]

CVE Examples

Possible Countermeasures

Enterprise

To reduce the probability of this variety of attack, configure devices to automatically install or, at a minimum, notify users of the availability of security updates for the mobile OS, drivers, and installed apps.

To minimize the latency between exploit notification and the availability of security fixes, choose devices that have a reputation for providing security patches in a timely fashion.

To minimize opportunity for this attack under a known exploit, use email filtering technologies to block attachments from untrusted domains that contain suspect file types.

To prevent exploitation of this variety of attack under a known exploit, educate users to be suspicious of the file types in question, and when possible, avoid opening them on vulnerable devices.

To minimize the risk of access from compromised devices, use EMM/MDM solutions in combination with devices that successfully enforce policies to block access to enterprise resources for vulnerable devices.

Mobile Device User

To reduce the probability of this variety of attack, configure devices to automatically install or, at a minimum, notify users of the availability of security updates for the mobile OS, drivers, and installed apps.

References

  1. TALOS Vulnerability Report; http://www.talosintelligence.com/reports/TALOS-2016-0186/ [accessed 8/23/16]