Stagefright Gives Android Users Something to Fright About

Stagefright Gives Android Users Something to Fright About

A few months ago people were talking about the latest bug  in iOS that would cause the phone to crash if someone sent a specific set of characters via a text message (which has been fixed).  Now it appears that it is Android’s turn.  This new bug is being called Stagefright which allows an attacker to remotely execute code on another person’s Android device that they received via MMS messages.

The exploit was publicly announced on July 27, 2015 by the security firm Zimperium.  Researchers say that the bug originated in a core component called “Stagefright” which is a library that is used to play various multimedia formats that are integral in displaying the contents included in MMS messages.  The reason why this issue is so serious is because that it can execute on a user’s device without you actually doing anything.

Furthermore, this bug has been in the Android operating system since version 2.2 which means that roughly 1 billion devices can be potentially infected with malware due to this flaw.  While Google and Samsung are working hard to push out a security fix to ultimately patch this bug, Zimperium has released an app that can be installed on your device to check to see if your Android device has been infected.

If you want to learn more about this bug, watch the video below which demonstrates the Stagefright bug:

 

About the author
Michael Battaglia

Michael is a senior programmer for Multi Data Services in NY. Coding not just his day job, it is his passion.