Stagefright Vulnerability in Android : Detection & Mitigation

Stagefright is the name of a new vulnerability that is being called the most serious vulnerability found in Android till date. The stagefright vulnerability is considered to be so serious because one of the exploits that uses it does not require any user action at all. A potential hacker can just send a malicious MMS to any vulnerable device and the target device will become instantly infected. Moreover, the vulnerability exists in all the versions of Android and therefore poses the risk to billions of Android devices all over the world.

What is stagefright vulnerability?
It is a vulnerability found in the media library called stagefright in the Android operating system. This library processes many of the popular media formats. Researchers at the Zimperium zLabs have found this vulnerability and many different ways of exploiting it in Android. One of these ways to exploit stagefright requires no user interaction at all. According to them, 95% of the Android devices are exposed to this vulnerability since it is present in all Android versions starting from Android 2.2 Froyo to Android 5.1 Lollipop.

Stagefright Vulnerability in Android

How to detect stagefright vulnerability?
Since it exists in one of the basic libraries in Android, it can be assumed that most of the Android devices are affected. But just to make sure, you can use either the Zimperium Stagefright detector tool in your Android device to find if your device is affected. This tool checks your device against seven different CVE’s that are assigned to the stagefright vulnerability.

Stagefright Vulnerability in Android

While using the Zimperium Stagefright detector tool in my Android KitKat phone, it always seemed to stop in the middle of analysis. If that also happens to you, then you can use an alternate tool from Lookout security called Lookout Stagefright Detector. This tool is much quicker and gives you the results right away.

Stagefright Vulnerability in Android

What you can do if your device is affected?
If your Android device is affected with the stagefright vulnerability, then first of all you should disable the auto-fetching or auto-retrieval of the MMS messages. Since one of the exploits that uses stagefright vulnerability involves sending a malicious MMS messages to the target device which instantly infects the device, you can mitigate this exploit just by disabling auto-fetching of MMS. Here is a quick way of how you can disable auto-fetching of MMS for different apps like Google Hangout, Messaging, Messages, Messenger :

  • Google Hangout : Settings → SMS → uncheck Auto retrieve MMS.
  • Messaging/Messages : Settings → MMS → uncheck Auto-retrieve.
  • Messenger : Settings → Advanced → uncheck Auto-retrieve.
  • WhatsappSettings → Chat settings → Media auto-download → disable all auto video downloads.

At this point, this is pretty much all you can do. We will have to wait for the smartphone manufacturers to release the OTA updates to fix this vulnerability in the near future. Google has already updated the AOSP code, so all the other Android smartphone manufacturers are expected to release the patches very soon.