Android Security Threat - Stagefright

Android Developers

Android Security Threat

Android Media HAL icon
Please be advised that a new security threat called “Stagefright” has been identified. Although there have been no confirmed ‘real world’ cases of this being exploited we feel it is important that you, as an Android user, are aware and know what action to take to prevent being at risk.

Stagefright is considered to be one of the more serious Android vulnerabilities discovered so far. All devices running Android versions Froyo 2.2 to Lollipop 5.1.1 are potentially affected.  

Stagefright could be delivered via a multimedia message (MMS) and sent to any messenger app that can process a specific video format - like an Android device’s native messaging (SMS) app, Google Hangouts, Facebook Messenger, WhatsApp and Viber.

Work is already ongoing between Google and device manufacturers to release fixes for this issue. In the meantime you can protect yourself by taking a few simple steps on your device.

The most common Android messaging apps load videos automatically, this setting could allow your device to receive and download an infected video file without you even knowing. 

You can prevent this by disabling the auto retrieve feature in your messaging apps so that videos cannot load in the background and infect your device. 

Turning off auto retrieve does NOT prevent you receiving your messages, it merely means you will get a notification that a video is available. You then have the choice to download it if you trust the sender of the message.  Do NOT download picture and video messages from untrusted or unknown senders.