What Android users need to know about the “Stagefright” vulnerability

If you’re an Android user, you may be aware of the new Android vulnerability “Stagefright.” If not you’ll want to pay attention to this.

On Monday, a researcher from Zimperium zLabs discovered a series of high-severity vulnerabilities related to Android’s native media player, Stagefright.  The vulnerability exposes 95% of Android phones to an attack delivered by a simple multimedia text message.

How does it work?

The “Stagefright” vulnerability can carry serious security implications.  All an attacker needs to send out an exploit is a mobile phone number.

From there, attackers can send out an exploit packaged in a Stagefright multimedia message (MMS) that would enable them to remotely control and steal data from your mobile device.

 

Any number of applications can process MMS content, potentially exposing you to exploits. However, devices using Google Hangout pose the biggest risk as the victim might not even know they received a message before an attacker takes control of their device. Other attacks require a user to open their default SMS messaging app to view the message thread itself  before the exploit will work.

What can Android users do?

Unfortunately, manufacturers can be slow in releasing patches out to users. Until a patch becomes available, we recommend disabling “auto-fetching” of MMS messages on your device’s default SMS messaging app. This will make it harder for your device to be exploited by the vulnerability.

 

To disable “auto-fetching” of MMS on your Android device, follow the instructions outlined in this article, written by the mobile security company, “Lookout”. Have questions about the vulnerability?  Please contact us .

We Answer Your Questions: FAQ

Q: What is the maximum e-mail attachment size?

A: The ETRN.com e-mail servers do not limit the size of individual e-mail attachments. The ETRN.com e-mail servers do impose a 400 MB maximum total message size limit. Individual customers can choose a smaller message size limit. We can also customize the handling of "over-sized" e-mails. Please contact us to discuss your specific needs. A couple of important facts:

1. Attachments are typically encoded in what is called Base64[1]. As a result, the actual length of MIME-compliant Base64-encoded binary data is usually about 137% of the original file size.

2. E-mails often contain both plain text and HTML components. This also increases the overall size of the e-mail.