How to check if you're vulnerable to the Stagefright Android hack -- and how to fix it

Credit: Zimperium Security

Want to find out if you're vulnerable to the nasty Stagefright Android hack? Here's how to do it. Better yet, I've got advice on how to keep yourself safe.

The Stagefright vulnerability was discovered by the mobile security firm Zimperium. The firm claims that 950 million Android devices are vulnerable to it. Google claims that only 10 percent of those devices are vulnerable. Either way you look at it, though, that's a lot of devices --- and one may be yours.

The hack is a simple one. An attacker sends a multimedia messaging service (MMS) message -- a video text. That video can carry a malicious payload, and the attacker can gain access to your system. In some instances, you don't even have to open the message to be infected.

It's easy to find out if you're vulnerable. Download Zimperium's free Stagefright Detector App and run it. You'll be told whether you're vulnerable.

Google is working on Android patches to close the security hole. At the moment, only some Nexus devices have the fix. Until your Android device is patched, though, there's a way you can protect yourself --- disable auto-fetching of MMS, and don't open any MMSs sent to you.

You'll need to disable auto-fetching of MMS in two places, Google Hangouts and in Messages. To disable it in Google Hangouts, first open Hangouts. Then tap Options-->Settings-->SMS. In the General section, look if you have SMS enabled. If you do, go to Advanced and uncheck the box next to Auto Retrieve SMS. That disables auto-fetching in Google Hangouts.

Next open Messages. Tap More-->Settings-->More Settings-->Multimedia Messages. Turn off Auto Retrieve. That disables auto-fetching in Messages.

Keep those settings that way until Google comes up with a fix.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon