Researchers at Ziperium Mobile Security have detected the security breach in Android devices known as Stagefright. Such a vulnerability endangers nearly a billion devices running Google's OS. After the report was released by the mobile security research firm, Google and other manufacturers went public and said they are working on system upgrades to correct the problem. Below you will learn all about the Stagefright and the steps each OEM is taking to ensure that their devices do not have the data exposed.
What is Stagefright?
The security flaw Stagefright It is linked to video processing by a system library and mainly to attachments sent via MMS messages. According to the researchers, the vulnerability could be present on all devices running Android Froyo 2.2 at the latest with Android 5.1 Lollipop. Failure provides privileged access to hacker which, through MMS messages with attached videos, can explore and execute various commands on the device.
How to tell if your device is vulnerable?
To find out if your device is subject to this type of attack, you can choose between the two apps listed below. Both tell you if your smartphone is vulnerable to Stagefright.
How to protect yourself
Below we teach you the steps you should take to protect your device. Keep in mind that both Hangouts and your manufacturer's default messaging app can bring such a setting. In this example, let's use Hangouts as the device's default SMS program:
- Open Hangouts and go to the app settings menu.
- When selecting this option, click on SMS and uncheck "recover MMS automatically"
The first thing you should know is that to fix this loophole Google has already released a patch package for all devices running the Android operating system. The news was confirmed by Adrian Ludwig, Android's chief security engineer, who released the list of the first devices that have ever received or will receive the patch package. Thus, Nexus models will be the first to receive the update that will correct the failed processing detected in the MMS service multimedia library. According to Ludwig, manufacturers have already received the update and it should be available in August for the following devices:
Nexus 6, Nexus 5, Nexus 4, Nexus 9, Nexus 7 (2013), Nexus 7 (2012), Nexus Player |
Galaxy S6, Galaxy S6 Edge, Galaxy S5, Galaxy Note 4 and Galaxy Note Edge |
One M8 and One M9 |
LG G2, LG G3 and LG G4 |
Xperia Z2, Xperia Z3, Xperia Z3 + and Xperia Z3 Compact |
Moto G 2015, Moto X Play, Moto X Style (ex-factory with update); Moto X, Moto X 2014, Moto Maxx, Moto G, Moto G 2014, Moto G 4G, Moto G 4G 2015, Moto E, Moto E 2015 |
The manufacturers have announced that these updates may take a while to arrive, as it should be taking into account the time when operators will be able to prepare the handsets to receive the update. In the case of Motorola, for example, the system carrier will be sent to its partner carriers by August 10, this Monday. Therefore, we advise you to take care to protect yourself from this security breach as explained above.
In addition to the new package, Adrian Ludwig has announced a new monthly update system for Android, which should receive new fix packs every 30 days and avoid such concerns in the future.
What's more, your device is on the list of the first to receive the new package. of security?
(tagsToTranslate) android (t) security (t) threat (t) crash (t) breach (t) MMS (t) anti-virus (t) security on android (t) virus (t) Stagefright (t) android lollipop (t) android froyo (t) MMS (t) Hangouts