Norton Halt is a first responder app, designed to alert you on the latest breaking security vulnerabilities and exploits that threaten your device and personal information by allowing attackers to bypass system permissions, inject malicious code, and install unauthorized apps.
• Detects the WifiHs20UtilityService vulnerability
• Checks your device for the Stagefright vulnerability (including Stagefright 2.0)
• Detects the Lock Screen Bypass vulnerability
• Detects the Serialization vulnerability
• Checks for browsers that are vulnerable to Same Origin Policy Security Bypass
• Scans for apps that use vulnerable versions of the Apache Cordova toolkit
• Lets you know whether your device has the Fake ID vulnerability
• Scans your phone to detect MasterKey vulnerability and the Obad Trojan virus
• Prevents multiple lock screen bypass exploits
• Detects Exynos 4 exploit and USSD code attacks
• Blocks unauthorized USSD code requests and stops the dialer from executing USSD codes
• Updated periodically to help protect against threats and vulnerabilities that can expose personal data and financial information.
WIFIHS20UTILITYSERVICE VULNERABILITY (CVE-2015-7888)
The WifiHs20UtilityService vulnerability allows attackers to write a controlled file to an arbitrary path as the system user on certain devices.
STAGEFRIGHT VULNERABILITY (CVE-2015-1538, CVE-2015-1539, CVE-2015-3824, CVE-2015-3826, CVE-2015-3827, CVE-2015-3828, CVE-2015-3829, CVE-2015-3876, CVE-2015-6602)
A remotely exploitable software defect that affects the Android operating system, it allows an attacker to perform arbitrary operations on the victim device through remote code execution and privilege elevation.
LOCK SCREEN BYPASS VULNERABILITY (CVE-2015-3860)
The Lock Screen Bypass vulnerability allows anybody with physical access to the device to potentially unlock it without knowing the correct password.
SERIALIZATION VULNERABLITY (CVE-2015-3825)
The Serialization vulnerability allows attackers to execute arbitrary code with escalated privileges, enabling them to take over the device. This is due to a flawed OpenSSLX509Certificate implementation in the Android operating system.
ANDROID BROWSER SAME ORIGIN POLICY SECURITY BYPASS VULNERABILITY
Allows an attacker to bypass the same origin policy in the Android Open Source Project (AOSP) browser by convincing a user to visit a malicious website. Once the bug is exploited, the attacker could view any Web page open on the AOSP browser.
APACHE CORDOVA VULNERABILITY
FAKE ID VULNERABILITY
Allows malicious apps to break out of a key security sandbox and gain access to parts of the Android OS that are usually out of bounds. These apps “fake” certain Android credentials to gain access and steal users’ personal information (passwords, financial information, etc.).
MASTER KEY EXPLOIT
Malware that hijacks installed apps and turns them into malicious Trojans that can access personal information. Infected devices can be used to steal user data or to create a mobile botnet.
LOCK SCREEN BYPASS EXPLOIT
Variations of this exploit allows attackers to gain full access to your device by bypassing the PIN/password/pattern lock screen.
The Obad exploit injects malicious code into existing apps, to extend the app’s permissions and steal your personal information, usually sending the data via SMS.
Symantec respects your privacy and promises to carefully safeguard your personal data.
For more information: http://www.norton.com/mobile-privacy-policy
- Detection of the WifiHs20UtilityService vulnerability (CVE-2015-7888).