Advertisment

How to avoid Stagefright threat on Android?

A new, extremely dangerous flaw dubbed Stagefright, has been discovered within the Multimedia Text Message (MMS) capabilities on Android phones

author-image
Sanghamitra Kar
New Update
MOBILE stolen cool

BANGALORE, INDIA: A new extremely dangerous flaw dubbed Stagefright, has been discovered within the Multimedia Text Message (MMS) capabilities on Android phones running OS 2.2 and later. This appears to affect about 95 pc of android phones, according to Norton.

Advertisment

What Does Stagefright Do?

If you have Auto Download capabilities enabled on your text messaging application on your Android phone, an attacker can send an MMS, which can be a photo, video or other piece of media to the device containing malicious code, allowing the exploit to be executed without the users’ knowledge. Stagefright can then bypass the permissions on the phone, allowing the attacker to access other parts of the phone such as SD cards, cameras and anything containing personal data. All an attacker needs is a phone number, and once the text is sent, the vulnerability is then silently executed without any knowledge on the users’ part.

What Can I Do To Be Protected?

Advertisment

· Visit your cell phone manufacturers’ website for details on whether a patch for this vulnerability is available.

· You can also disable Auto Retrieve MMS based on which application is being used for text messages, such as Google hangouts or Google Messenger (which is the default messenger for Android phones). If you are using Google Messenger as your text messaging app, you can turn off Auto Retrieve by going into the settings of the app, advanced, and turn off Auto Retrieve. To ensure this is off, make sure the blue button is grey.

· If you are using Google Hangout as your text messaging client, go to settings, advanced, SMS and uncheck Auto Retrieve SMS.

It is important to keep in mind, this is only a partial, temporary solution. Even with auto-retrieve MMS turned off, it is possible for a user to accidentally download a malicious message. Therefore, it is extremely important for a user to make sure their phone manufacturer has plans to patch this vulnerability by checking their website. For users on older phones where the manufacturer is no longer providing updates, users should consider upgrading to a newer device.

smartphone tech-news android security