Threat of the month: Stagefright



What is it?  

An atomic bomb in the world of vulnerabilities, Stagefright is a flaw deep in the libstagefright library, which enables the Android OS to process video files. The bug resides on hundreds of millions of phones. 

How does it work? 

The attacker sends multimedia messaging service (MMS) with specially crafted video that can be processed by some applications even without users opening the message. Unbeknownst to the end-user, the malicious video could take advantage of a buffer overflow allowing the attacker to compromise your phone.

Should I be worried?

Yes. This took a while to patch, and the patch isn't perfect. It's still exploitable. Someone exploiting the flaw could have a large pool of victims. We should all worry a bit when Google cannot be responsive with a complete fix for security vulnerabilities that impact so many people.

How can I prevent it? 

Disable MMS on your Android. Always be sure to update your software as soon as fixes are available. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.