Last week, an android vulnerability was discovered by team TrendMicro know as StageFright vulnerability, which can be easily exploited passively on devices. All that it takes is a simple MMS to a device running Android to get system or media privileges on it. Stagefright is present from Android 4.3 (Jelly Bean) up to the current version, Android 5.1.1 (Lollipop).
The worst part is that it is possible to delete the MMS after it has exploited the device before the victim has a chance to open it, which makes it completely undetectable.
Bearing in mind how updates are deployed to Android Devices, it may take weeks, months or even longer before all android phones are updated with patches for the vulnerability.
To protect yourself, all you need to do is to disable the automatic retrieval of MMS on your phone. But
you can check your device if it’s vulnerable to Stagefright using Stagefright Detector.stagefright detector.
Running the App is straight forward, download the app from the Google Play Store, click on the “begin analysis” button runs the vulnerability scan and the scan will only take a few seconds. The result is displayed on the same page and will show you whether your device is vulnerable or not.
The app may also point out that an operating system upgrade is needed to protect it from the vulnerability.
The Stagefright Detector App checks for the vulnerability but it does not take into account messaging settings. This means that it will have some false positives, hence it will conclude that your device is vulnerable even if you have disabled the automatic retrieval of MMS.