A new and nasty vulnerability in the Android operating system, dubbed “Stagefright”, has recently come to light. Initially, it was reported that this bug would allow a hacker to gain control of an Android device with only a text message. Once in your phone, a hacker could steal or take over anything on your device and then infect everyone in your contacts. Until device manufacturers and wireless carriers can issue a fix, Android users were advised to disable the setting to “automatically retrieve” MMS messages in their texting app and Google Hangouts.
A week later, it was reported that the infection could not only arrive via text, but could also be embedded in any number of apps or websites just lying in wait. Because the bug is surrounded by “safe coding”, security software will not necessarily catch it.
The good news is, lots of people are working on fixing this. In fact, Samsung and Sprint have already worked together to release a fix for the Samsung Galaxy Note 4. Unfortunately, their fix only works on that device. Many more fixes will need to be generated and pushed out to patch up the nearly 950 million vulnerable Android devices out there. If you are an Android user, be on the lookout for available updates for your device.
For more information about Stagefright, Fortune.com has an excellent article and Q&A on the subject.
Has your device been infected? Tell us about it in the comments.