Danger on Android: an MMS puts security at risk

A piece of news concerning Android and – more specifically – a security issue that could affect millions of devices based on the operating system developed by Google is circulating at the moment.
It is learned that technicians from the cybersecurity company “Zimperium Mobile Security” have identified six new vulnerabilities in Android’s security system. The fact that it is being discussed with such urgency and concern is explained by the circumstance that it has been concluded that exploiting these weaknesses would only require a simple MMS.
Zimperium engineers have indeed isolated some threats, tracing them back to the reception of an MMS capable of “opening the doors” of the operating system and thus delivering all data transmitted by the smartphone to whoever is conducting the hacker attack.
The reason, explained in simple terms, was illustrated by explaining the very mechanism of MMS reception on Android.
The multimedia message reaches its destination automatically, even without the explicit consent of the recipient to open the MMS itself.
This happens because MMS messages are received via Hangouts, which, in fact, allows automatic reception without prior user control or acceptance. This method was developed a long time ago to allow the user to immediately preview the received MMS.
However, in the case of these dangerous MMS, automatic reception also activates code execution – malicious code, in this specific case – without the process being able to be stopped in any way.
In fact, the mere arrival of the MMS under the conditions just described “launches” a specific virus program, whose name is Stagefright.
Once this happens, the sender will have free access to the affected Android device.
This, in summary, is what was explained by the technicians at “Zimperium Mobile Security,” who discovered and isolated Stagefright a few months ago, in April.

Google’s staff is therefore alerted, and patches are expected to remedy these security flaws that could cause problems for millions of people worldwide, given the extreme ease with which the threat can spread.
However, it appears that the situation is currently under control, according to what Google officially stated: “This vulnerability was identified in the lab on older Android devices, and as far as we know, no one has been affected by the virus. As soon as we learned about it, we immediately took action to send a bug fix to our partners to offer users protection.”
So, keep your antennas up, but with greatly reduced alarm, according to this statement.