"Stagefright" text attack to Android.

[jim bell]

http://www.theinquirer.net/inquirer/news/2419531/text-based-android-stagefright-attack-is-bad-news-for-950-million-users


"A MOBILE SECURITY RESEARCHER has done his work and found a cluster of vulnerabilities in Android that, when combined, present a problem for 95 percent of the user base.
This is bad stuff. Despite references to unicorns in the official information, there is also some goosebump-inducing wordplay. The official warning is that almost anyone with an Android mobile phone can be sent one text message and be plunged into security chaos.
This threat package has been dubbed Stagefright by Joshua Drake from the security outfit Zimperium zLabs.
"Gaining remote code execution privileges merely by having access to the mobile number? Enter Stagefright. The targets for this kind of attack can be anyone from prime ministers, government officials, company executives, security officers to IT managers," said the firm in a blog post.
"[We] dived into the deepest corners of Android code and discovered what we believe to be the worst Android vulnerabilities discovered to date. These issues in Stagefright code critically expose 95 percent of Android devices, an estimated 950 million devices."
If this does not have you standing on a chair pushing your phone away with a broomstick, then get ready for this. Zimperium said that Stagefright is worse than Heartbleed - and we all know how that worked out."