Find out if your mobile is vulnerable with Stagefright Detector App for Android - gHacks Tech News

Find out if your mobile is vulnerable with Stagefright Detector App for Android

Stagefright is a critical Android vulnerability that attackers can exploit using specifically prepared Multimedia Messaging Service messages (MMS).

What makes the vulnerability particularly troublesome is that it can be exploited passively on devices. All that it takes is to sent a prepared MMS to a device running Android to get system or media privileges on it.

Since it is possible to delete the MMS after it has been processed by the device and before the user had a chance to open it, it may go by completely undetected.

Considering how updates are deployed on Android, it make take weeks, months or even longer than that before devices are updated with patches for the vulnerability.

We have published a guide that explains how to protect your Android device from attacks regardless of patch status. To sum it up, all you need to do is disable the automatic retrieval of MMS on the device which most messaging apps support.

If you are unsure whether your device is affected by the issue you may use the Stagefright Detector App to find out about that.

stagefright detector app

To use the application download it from Google Play and start it afterwards. A click on the "begin analysis" button runs the vulnerability scan which should not take longer than a couple of seconds.

The result is displayed on the same page then so that you know whether your device is vulnerable or not.

The app may also point out that an operating system upgrade is needed to protect it from the vulnerability.

The Stagefright Detector App checks for the vulnerability but does not take into account the messaging settings. This means that it will conclude that your device is vulnerable to the Stagefright vulnerability even if you have disabled the automatic retrieval of MMS on it.

If you want to see Stagefright in action, watch the following exploit demo:

Now You: Is your device affected by Stagefright?

Summary
Find out if your mobile is vulnerable with Stagefright Detector App for Android
Article Name
Find out if your mobile is vulnerable with Stagefright Detector App for Android
Description
The Stagefright Detector app for Android scans devices running the operating system to find out whether they are vulnerable to Stagefright attacks via MMS.
Author
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. IgHive said on August 6, 2015 at 4:35 pm
    Reply

    You should add a few lines about the app author company. Never heard of Zimperium before.

    1. ilev said on August 7, 2015 at 6:48 am
      Reply

      Zimperium is an Israeli mobile security company which has uncovered and published the Android Stagefright security bug.

  2. not_black said on August 6, 2015 at 6:53 pm
    Reply

    >it make take weeks, months or even longer than that before devices are updated with patches for the vulnerability

    90+% of all current devices will never ever get an update.

    1. Testuser said on August 6, 2015 at 7:22 pm
      Reply

      That’s it. I’m quite disappointed that most news websites are saying something similar, although the truth >is< that most devices will remain vulnerable forever.

  3. Yuliya said on August 6, 2015 at 8:23 pm
    Reply

    My Nexus 4 got an update yesterday which should have fixed this, yet it tells that my device is vulnerable.

    https://i.imgur.com/XFUoW9f.png
    https://i.imgur.com/WfKMmzo.png

    1. Decent60 said on August 6, 2015 at 11:53 pm
      Reply
      1. Yuliya said on August 7, 2015 at 10:27 am
        Reply

        This reports my phone as safe :)

  4. Decent60 said on August 6, 2015 at 11:04 pm
    Reply

    “Considering how updates are deployed on Android, it make take weeks, months or even longer than that before devices are updated with patches for the vulnerability”
    should be

    “Considering how updates are deployed on Android, it may take weeks, months or even longer than that before devices are updated with patches for the vulnerability”

    But considering how they are actually deployed, probably will be never for a minor update

    1. Decent60 said on August 6, 2015 at 11:57 pm
      Reply

      Well, I should take that back….Issued on August 5th:
      http://www.androidcentral.com/att-patches-stagefright-exploit-galaxy-s6-active-note-4-s5-and-s5-active

      Sprint and ATT are pushing software updates to patch it. So I’d keep checking throughout the day for Software Updates on your phones (I’d manually do it).

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.