If you are an android lover you might have come across various updates saying Google, Samsung and other giants in mobile world are releasing security patches for its users. The updates also mention something called Stagefright vulnerability, which is specified as the issue due to which the companies are releasing these security updates. So here is the whole thing in a nutshell as to whether you should actually be afraid or not of this exploit and what steps to take while you are waiting for the security patch.
Who, When and How
Zimperium, a security company, in July 2015 came out with this issue. They disclosed the actual details of the issue during BlackHat conference, held in August. The thing that caught everyone’s attention was that due to this vulnerability nearly half a billion android devices in market today could be taken over by the person who knows about this, that too without the users finding out about it.
This exploit was nicknamed as ‘Stagefright’.
What is it?
Whenever someone sends you a MMS containing a video, the modern day default sms apps of android phones processes that video even before the user has opened that message. The app does this so that the video is ready for you to watch when you open the message. Now, the OS’s core component libStageFright comes into picture during this processing hence the name, Stagefright. This is a very complex software library implemented as part of AOSP (Android Open Source Project) in C++. It is used a backend engine for playback of various multimedia file formats such as MP4.
Even before the vulnerability was shown to world during BlackHat conference, Joshua Drake from Zimperium security firm had shared the details of the bug with Google. The search engine giant has already incorporated the bugfix to the source code. It has also started rolling out the security patches for the existing users.
Now that, this software library is used since Android 2.2 (Froyo), the number of devices which are vulnerable is quite high. As of now, all the tech giants have announced that the security patch is on the way so sit tight.
Prevention
Meanwhile, you can take a precautionary measure and stop the auto-retrieval of the MMS received in your smartphone. Here are the simple steps to do it. You need to go the settings of your default messaging application find option by the name similar to, “Auto-Retrieve MMS” and make sure it is unticked.
The smartphone app developers surely face a mammoth task ahead as such bugs keep coming up in the existing source code.
More About Author
Vishal Nakum
Vishal Nakum is a tech enthusiast with a passion for exploring the latest developments in the world of technology. He has a keen interest in emerging technologies such as Artificial Intelligence, Machine Learning, and Blockchain, and enjoys keeping up-to-date with the latest trends and advancements in these fields. Vishal is an avid learner and is always on the lookout for new ways to expand his knowledge and skills. He is also a creative thinker and enjoys experimenting with new ideas and concepts. In his free time, Vishal enjoys playing video games and reading books on technology and science.