If you are the Android-tinkering type then it is more than likely that you have heard of the recent Stagefright vulnerability found in Google's OS. And if not, well it all boils down to a bug, related to some core Android messaging and multimedia capabilities that could potentially allow a hacker to high-jack your Android device by simply sending you a message.
The bug, discovered by Joshua Drake from the Zimperium security firm is pretty dangerous and could potentially affect any Android device starting from version 2.2 Froyo and up, which is almost any Android device currently out there. As you can imagine, this caused quite a stir in the community. Companies like Google and Samsung were quick to respond, promising a path, with the latter already applying the necessary fixes to AOSP, which was also vulnerable itself.
Motorola is also already working on a fix and has recently released a full list of devices that it will be rolling out the required patch to as soon as possible. If you own one of these be sure to check for an OTA in the coming days and definitely install it for some extra piece of mind. The eligible handsets are:
As you might have noticed, the company’s recently announced trio of moto X devices - Moto X Style, Moto X Play and Moto X Pure Edition are not on the list. That is because they will come with the fix bundled, as will all other future phones, since the changes have already been committed to AOSP.
And for those of you aching for some more info on the Stagefright bug it is quite aptly named as it affects one of Android's core components, responsible for handling certain multimedia formats, such as MP4. The vulnerability itself exploits some integer overflow vulnerabilities and can be leveraged by delivering the necessary code to the victim as a multimedia message. In most cases the said message gets downloaded by the OS without need for confirmation from the user, after which the attacker can execute code remotely.
As it turns out most any recent Android or Android-based OS is vulnerable to the bug, but luckily there are still no reports of actual attacks using Stagefright. However, if you are feeling concerned you should check if you are affected using this free app and look into disabling automatic background downloading of MMS messages, where possible of course.
The problem is that the 1st (August) patch provided by Motorola doesn't actually solve the problem, because the 1st patch provided by Google to all its partners was useless: Stagefright Trojan: 2nd Patch created http://www.theinquirer.net/inqu...
No. This article is bullshit. It only affect android version 4.0 and below. Newer android version is safe. Thats why Samsung and LG working with Google to release security updates at least once per month for android Froyo and newer.
Turning off MMS auto download will do as what Zimperium who are the people behind knowing this vulnerability said in a blog post : "Protection: 1. Update your device: Keep your device updated to the latest version at all times. If an update ...