An exploit was discovered last week by researchers at Zimperium that is believed to leave the majority of Android devices vulnerable to attack. Hackers could potentially use the libStageFright media library (hence ‘Stagefright’) as a way into your device when processing an MMS. Potentially an attacker would only need your mobile number and then execute an attack even with no user-interaction. Even worse, the MMS can delete itself before you open it. Zimperium says that “issues in Stagefright code critically expose 95% of Android devices, an estimated 950 million devices”.
Many of you have got in touch with us asking when a fix is likely, however Sony has officially been quiet on the matter. Google is working alongside all of the key Android manufacturers to deliver updates that patch this exploit. At Black Hat 2015, Google confirmed that a fix will arrive this month for the newer Xperia Z series such as the Xperia Z2, Z3, Z3+/Z4 and Z3 Tablet Compact. However, “hundreds more” devices will also receive the update, so other Sony Xperia devices won’t be left in the cold.
If you want to find out whether your Sony Xperia device is vulnerable to this exploit, then Zimperium has created the Stagefright Detector App which will test your handset.
Sony Xperia Z2/Z3/Z4 series will receive the Stagefright fix later this month