Android security flaw found in 950 million devices

20 Aug 15

A new security flaw known as Stagefright has been found in 95% of Android devices. The vulnerability allows attackers to steal information through remotely executed code delivered via a maliciously crafted Multimedia Messaging Service (MMS) message.

Dubbed one of the largest Android vulnerabilities to date, it has been estimated that 950 million devices worldwide are vulnerable to Stagefright.

In light of this, ESET has launched a free app on Google Play to help Android users detect Stagefright on their devices.

"Asia Pacific has one of the highest Android mobile users in the world, making the region a prime target for cyber hackers.

"Mobile users should always remember to follow cyber security best practices, such as avoiding clicking on messages or links from suspicious sources and updating their operating system software regularly," says Parvinder Walia, ESET Asia Pacific sales director.

"We hope that more consumers will download the app as a proactive measure to secure their devices," he says.

ESET has summarised additional information for consumers and businesses about Stagefright in the following FAQ:

Is Stagefright really the worst of all Android vulnerabilities?

It is difficult to label a vulnerability as being the worst because the basis for this attribution varies. Considerations include the number of devices affected, the ease with which devices are compromised, and the number of exploits in the wild.

However, with 950 million users of Android devices potentially affected and a failed attempt by Google to fix the issues, users should take Stagefright more seriously than other commonplace vulnerabilities.

How does this vulnerability work and why is it called Stagefright?

Amongst the thousands of lines in the source code of Android, there is a media library called Stagefright. It is in charge of managing the multimedia formats that allow users to play back videos and music on their Android devices.

Attackers exploit Stagefright by crafting malicious MMS messages that are sent to victims. In these cases, the only information required for highly targeted attacks is the victim's phone number.

In some instances, devices can be compromised even when users do not play or watch the actual message content. Simply viewing the MMS can affect the device. With Google Hangouts, however, it is possible for devices to be compromised almost instantly, even before notifications are viewed.

Which versions of Android are vulnerable?

According to investigations, all versions of Android from Froyo (2.2) onwards are vulnerable. This means that 95% of Android devices, or about 950 million users worldwide, are susceptible to the exploit.

In addition, versions prior to Jelly Bean are at higher risk, since they do not incorporate the appropriate mitigations.

How can users protect their devices?

ESET recommends that users check with their vendors whether a patch for their Android device already exists, and that they deactivate the short message service (SMS) auto-retrieve function for the Messenger and Hangouts applications.

Users should also take extra precautions and check whether their devices are vulnerable with the ESET Stagefright Detector App and stay alert for new information regarding this topic.
