A security vulnerability called “Stagefright” was discovered in Android’s operating system. This bug allows unauthorized access to Android devices – including all apps, content, the camera and microphone – by sending a multi-media message (MMS) containing malicious code. Versions affected include Android 2.2 (Froyo) and above.
To protect your device, the Office of Information Security in the Office of Technology Services (OTS) recommends disabling the auto-retrieve option in your default messaging app. It should be noted that this safety measure will stop your device from automatically downloading all MMS messages. Get step-by-step instructions from the mobile security company, AVG.
For additional patch or vulnerability detection, go to the Google Play Store and download Zimperium’s Stagefright Detector app.
Recommended best practices:
- Patch devices immediately when your phone receives an update.
- Disable auto-retrieval of MMS messages in messaging app. If your device does not have this ability, consider blocking messages from unknown senders.
The Office of Information Security reminds the campus to use mobile devices wisely, and that security is our shared responsibility.
