A new threat named Stagefright targeting android based devices – smartphones and tablets has been unveiled. The vulnerability is described as the Android’s worst ever which leaves about 95% Android devices exposed as attackers could get easy access to these device via MMS.
According to a report by researchers from Zimperium Mobile Security, about 950 million Android smartphones and tablets around the world are susceptible to this threat but at the the moment the report state there is no report of Stagefright exploit by any Android user.
Hackers and the likes take advantage of the exploit by sending out malicious MMS to Android device; the problem however is whether you read the message or not the device see it as a video file which allows the exploit. Once in, the MMS message can be deleted without the user’s consent.
The vulnerability in StageFright is said to have been resident in Android’s media library since the days of Android 2.2 Froyo in May 2010. While 95% of most Android devices are susceptible to this StageFright threat, about15% running Android OS before Android Jelly Bean are the most vulnerable.
If you are worried if Google knows about this, they actually do and have sent out a patch. But the search giant doesn’t have monotony over updates to smartphones except of course Nexus devices and Google Play Editions. The rest lies in the hands of different manufacturers and carriers.
One possible way to anticipate any unforeseen issues and prevent Stagefright exploitation is to disable automatic retrieving feature for MMS in your messaging app. Different smartphones have different message app setting but there is always an option to disable ‘MMS Auto Retrival’ if you look in the right places.
Zimperium did not give detailed information about Android’s Stagefright vulnerability but the company says it would be discussing the bug in details at the Black Hat USA conference and at DEF CON 23 billed to take place on August 5th and August 7th respectively.
Source: IBTimes
