Last week researchers discovered a new Android vulnerability called Stagefright which is suppose to be the most critical vulnerability on Android ever. Almost one billion Android devices running on Froyo 2.2 to Lollipop 5.1.1 are at risk. That makes almost 95% of all Android devices in the World!

Through the security hole in media library hackers can gain access to your contacts, photos, videos, camera or microphone.

Hackers need only your phone number to deliver the malware. Malware is delivered via MMS (Multimedia Messaging Service) through the popular chatting apps like WhatsApp, Google Hangouts, Messenger, Messaging or even the default Messages app. Malware is automatically executed on the device, user doesn’t have to do anything!

All phone and tablet vendors need to deliver patch to their users. Unfortunately this could take a lot of time. Avast put together a simple step-by-step guide how to protect yourself. Basically you just need to turn off the MMS auto retrieval in each messaging app you have on your device. For the detailed steps read further.

Security Fix for Android Default Messages app

  1. Open the Messages app and go to settings by clicking on the three dots icon
  2. Click on ‘Settings‘ in the drop-down menu; click on ‘Multimedia messages‘ and uncheck ‘Auto retrieve

Now your settings in Messages app should look like this:

How to fix the Stagefright vulnerability in Android Default Messages app

How to fix the Stagefright vulnerability in Android Default Messages app (image source: Avast)

Security Fix for WhatsApp

  1. Open the WhatsApp and go to settings by clicking on the three dots icon
  2. Click on ‘Settings‘ in the drop-down menu; click on ‘Chat settings‘; click on ‘Media auto-download’; click on ‘When connected on Wi-Fi’ and uncheck ‘Videos
  3. Click on ‘When using mobile data‘ and make sure ‘Videos‘ are again un-checked

Now your settings in WhatsApp should look like this:

How to fix the Stagefright vulnerability in WhatsApp

How to fix the Stagefright vulnerability in WhatsApp (image source: Avast)

Security Fix for Google Hangouts

  1. Open the Messages app and go to settings by clicking on the three lines icon
  2. Click on ‘Settings‘ in the drop-down menu; click on ‘SMS‘ and uncheck ‘Auto retrieve MMS

Now your settings in Google Hangouts app should look like this:

How to fix the Stagefright vulnerability in Google Hangouts

How to fix the Stagefright vulnerability in Google Hangouts (image source: Avast)

Security Fix for Messenger app

  1. Open the Messenger app and go to settings by clicking on the three dots icon
  2. Click on ‘Settings‘ in the drop-down menu; click on ‘Advanced‘ and uncheck ‘Auto retrieve

Now your settings in Messenger app should look like this:

How to fix the Stagefright vulnerability in Messenger app

How to fix the Stagefright vulnerability in Messenger app (image source: Avast)

Security Fix for Messaging app

  1. Open the Messaging app and go to settings by clicking on the three dots icon
  2. Click on ‘Settings‘; scroll down to ‘MULTIMEDIA (MMS) MESSAGES‘ and uncheck ‘Auto-retrieve

Now your settings in Messaging app should look like this:

How to fix the Stagefright vulnerability in Messaging app

How to fix the Stagefright vulnerability in Messaging app (image source: Avast)

Please note malware using the Stagefright vulnerability can spread also via the typical channels like e-mails, links on social media. But they require an user action (opening the link).

Source: Avast Official Blog; Avast FAQ

Written by Paul B.

My name is Paul and I love Avast since the Home Edition v4.8 (2008). I am recommending it to all my friends, but I realized they don't know how to use it. So I started this site in order to help others getting maximum from this awesome antivirus. Feel free to contact me via Facebook, comments below or this form.

Leave a Comment

Your email address will not be published. Required fields are marked *