Stagefright is the name of a massive vulnerability that affects more than 950 million Android devices. So far, Google, Samsung and LG have all confirmed they will roll out monthly security patches. Google has already taken steps to remove the flaw from Nexus devices, but that’s hardly relevant for anyone not owning a device that runs a pure version of Android. However, while you’re waiting for your fix to roll out, you can use a simple app that tells you if you’re affected by Stagefright.
As Engadget reports, Zimperium, the security firm that uncovered the flaw in the first place, made the Stagefright Detector App that tells you if you’re susceptible to such attacks or not. The app can’t do anything else about Stagefright, so this isn’t a general-purpose fix.
What the Stagefright security issue does is to allow an attacker to take over a phone after tricking its user into clicking a video attachment sent via SMS or MMS. As the tech site says, using Hangouts as the default SMS app on an Android phone is also enough to infect the recipient, regardless of whether the attached file is opened by the user or not.
Stagefright is the most important Android security issue uncovered to date, and one that shows how Android’s fragmented state prevents Google from doing anything about it in a timely fashion. However, that doesn’t mean someone will immediately target you with malicious content via SMS/MMS.
What you should do after determining whether you’re one of the 950 million people at risk (get the app from the Google Play Store) is to disable the “Auto Retrieve MMS” option in Hangouts on Android – or stop using it altogether. Also, don’t click on anything strangers send your way.