Stagefright is the name given to the latest Android vulnerability that i am going to explain in this blog post, this hole uncovered a great risk to users since its entry into the devices is completely silent, which means that the terminal could become infected without the owner were to be aware of it.
Stagefright joins other exploits as MasterKey, which was already corrected by the community through Xposed Framework, or other more dangerous distorts off the machine to take over the terminal. It’s just one more name on a list that is already too long, and today continues to surprise all and sundry that Google is not more aware of the safety of their own mobile operating system, although this is something to discuss in other articles, not in this
So before we proceed i should perhaps explain how this bug is threatening almost all Android smartphones currently in the market.
So what is Stagefright exactly?
Stagefright is an engine named Android media player that supports different formats by default and playback features audio, video, session management, DRM and more.
The security hole that has to do with this engine was recently discovered as mentioned earlier in this article, and whether it affects many terminals is because it is an essential feature of the operating system. The terminal is infected advantage of this vulnerability to receive an MMS message with a video in which malicious code is hidden, which as stated earlier requires no direct user intervention. This is because Android download the contents of the MMS messages automatically, and once we are infected hackers could do whatever they wanted with our terminal.
How can you protect yourself from Stagefright?
While Google develops patches to correct-which could take a time-and while manufacturers adopt such patches-which could be more yet-time, users have a rudimentary solution, but it serves as the first line of defense, to protect of Stagefright.
As Stagefright MMS attacks that are automatically downloaded to the system, disabling this feature is one of the best options you have to protect minimally. To do this follow the steps we will give you :
- Open your application short message in my case Google Messenger.
- Open the terminal settings by clicking the three buttons on the top right corner.
- Search multimedia section and uncheck Automatically retrieve messages.
If you’re using a different messaging application you need to find out if you block MMS messages by default as well. Many applications should offer this option, but there will be some who do not. If your application does not support short messaging disable this feature considers the change it.
As we have said, until the manufacturers it fixed via code could be a long time. CyanogenMod users, meanwhile, should start getting updates to fix the bug Stagefright between this week and next, because you already have settled.
Some more recommendations :
Disable the automatic downloading of MMS messages in applications that manage such messages, like the one used by default: Android Messaging as well as Google Hangouts or any other application.
Updating the smart phone operating system Android. Patches of some popular OS versions are available (CyanogenMod & blackphone).
The patched in CyanogenMod versions 12.0 and 12.1 is available here, the BlackPhones with version 1.1.7 and private parties concerning the Google Nexus will be available early next week.
Internal codes of Android have been updated following the release of this security issue, but the update of the different models of smartphones depend on the reaction of each manufacturer using the Android operating system on their devices.
So keep tracking about these latest news here and feel free to comment and share 😉