The content below was written by David Longnecker, who graciously gave me permission to post:
Zimperium just released details and POC code for the StageFright
vulnerabilities:
https://blog.zimperium.com/stagefright-vulnerability-details-stagefright-detector-tool-released/
I've put together a quick how-to for "friends and family" to disable
auto-retrieve of multimedia messages in the native Android Messages app,
and in Google Hangouts, here:
http://www.securityforrealpeople.com/2015/08/avoid-stagefright-by-turning-off-auto.html
It doesn't cover every scenario, but it at least protects against the 100%
unaided attack.
Regards,
David Longenecker
Connect: Blog <http://securityforrealpeople.com> | @dnlongen
<https://www.twitter.com/dnlongen> | LinkedIn
<https://www.linkedin.com/in/dnlongen/>
PGP key: https://keybase.io/dnlongen
 
No comments:
Post a Comment