Why the Future of Android Depends on Security:
If you own an Android device, you have noticed an increase in the frequency of software updates over the past year. With the discovery of stagefrightlib, Android phones were at high risk where a single text could affect millions of phones at one time and per Forbes been identified “as the worst Android flaws ever uncovered.”
This vulnerability was as simple as sending an infected video file (MP4) to an unsuspecting user with an enticing label to get the user to execute the file. Zimperium is the company that found the Stagefright bug, and apparently is hasn’t stopped there.
Recently Stagefright 2 has now been identified and Google has vowed to address these major issues by rolling out a monthly update system and within the past week have started rolling out three Nexus patches for its own units. Unfortunately, it has been reported that many Nexus users haven’t received the update yet and this has also been the case for Android phones for Stagefright 2 vulnerability.
Identified as one of the worst Android flaws ever uncovered
Google’s monthly patch roll-out plan seems to not be as transparent to users as it should be. Getting the patches is the easy part as they load over-the-air to most devices, however the patches are very clear in WHAT they fix. We believe that Google is taking a step in the right direction, but more must be done. If you own an Android device we recommend the following actions:
- Ensure your phone is fully patched and up-to-date. (you may have to bounce this question off your carrier or compare your phone operating system to the latest version)
- Disable automatic attachment text message downloading under the options menu
- If you do download a media text message, ensure you trust the sender
- If you’re still using an older set such as the Galaxy S4, these phones were the most vulnerable and special care should be taken with patching them
- Download Stagefright detector app from the Google Play store
Other Relevant Blog posts:
Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this blog and to our Podcast.
If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.
Enter your email address:
Delivered by FeedBurner