Stagefright: Which manufacturers are working on corrective system updates?

Researchers at Ziperium Mobile Security have detected the security breach in Android devices known as Stagefright. Such a vulnerability endangers nearly a billion devices running Google's OS. After the report was released by the mobile security research firm, Google and other manufacturers went public and said they are working on system upgrades to correct the problem. Below you will learn all about the Stagefright and the steps each OEM is taking to ensure that their devices do not have the data exposed.

What is Stagefright?

The security flaw Stagefright It is linked to video processing by a system library and mainly to attachments sent via MMS messages. According to the researchers, the vulnerability could be present on all devices running Android Froyo 2.2 at the latest with Android 5.1 Lollipop. Failure provides privileged access to hacker which, through MMS messages with attached videos, can explore and execute various commands on the device.

stagefright exploit demo
This is how Stagefright works: by receiving an MMS message via Hangouts your device will already execute arbitrary code and your data will be at risk. / Zimperium

How to tell if your device is vulnerable?

To find out if your device is subject to this type of attack, you can choose between the two apps listed below. Both tell you if your smartphone is vulnerable to Stagefright.

stagefright exploit demo
Both apps tell you if your smartphone is vulnerable to Stagefright. / ANDROIDPIT

How to protect yourself

Below we teach you the steps you should take to protect your device. Keep in mind that both Hangouts and your manufacturer's default messaging app can bring such a setting. In this example, let's use Hangouts as the device's default SMS program:

  1. Open Hangouts and go to the app settings menu.
  2. When selecting this option, click on SMS and uncheck "recover MMS automatically"
androidvirus "sizes =" (max-width: 806px) calc (100vw - 24px), (max-width: 995px) 782px, (max-width: 1216px) calc (2 * (100vw - 30px) / 3) + 15px - 24px), 782px "src =" https://fscl01.fonpit.de/userfiles/6675138/image/androidvirus-w782.jpg "srcset =" https://fscl01.fonpit.de/userfiles/6675138/image/ androidvirus-w782.jpg 782w, https://fscl01.fonpit.de/userfiles/6675138/image/androidvirus-w596.jpg 596w, https://fscl01.fonpit.de/userfiles/6675138/image/androidvirus-w450. jpg 450w, https://fscl01.fonpit.de/userfiles/6675138/image/androidvirus-w336.jpg 336w, https://fscl01.fonpit.de/userfiles/6675138/image/androidvirus-w300.jpg 300w "class = "lazyload" />
Set up Hangouts and avoid malicious MMS messages. / ANDROIDPIT
</figure>
<h2 id=Which manufacturers are working on corrective system updates?

The first thing you should know is that to fix this loophole Google has already released a patch package for all devices running the Android operating system. The news was confirmed by Adrian Ludwig, Android's chief security engineer, who released the list of the first devices that have ever received or will receive the patch package. Thus, Nexus models will be the first to receive the update that will correct the failed processing detected in the MMS service multimedia library. According to Ludwig, manufacturers have already received the update and it should be available in August for the following devices:

Devices
Google

Samsung

HTC

LG

Sony

Motorola

Nexus 6, Nexus 5, Nexus 4, Nexus 9, Nexus 7 (2013), Nexus 7 (2012), Nexus Player
Galaxy S6, Galaxy S6 Edge, Galaxy S5, Galaxy Note 4 and Galaxy Note Edge
One M8 and One M9
LG G2, LG G3 and LG G4
Xperia Z2, Xperia Z3, Xperia Z3 + and Xperia Z3 Compact
Moto G 2015, Moto X Play, Moto X Style (ex-factory with update); Moto X, Moto X 2014, Moto Maxx, Moto G, Moto G 2014, Moto G 4G, Moto G 4G 2015, Moto E, Moto E 2015

The manufacturers have announced that these updates may take a while to arrive, as it should be taking into account the time when operators will be able to prepare the handsets to receive the update. In the case of Motorola, for example, the system carrier will be sent to its partner carriers by August 10, this Monday. Therefore, we advise you to take care to protect yourself from this security breach as explained above.

In addition to the new package, Adrian Ludwig has announced a new monthly update system for Android, which should receive new fix packs every 30 days and avoid such concerns in the future.

What's more, your device is on the list of the first to receive the new package. of security?

(tagsToTranslate) android (t) security (t) threat (t) crash (t) breach (t) MMS (t) anti-virus (t) security on android (t) virus (t) Stagefright (t) android lollipop (t) android froyo (t) MMS (t) Hangouts