Improvements
Stagefright Detector App for Android Devices
Zimperium zLabs expert and VP of Platform Research and Exploitation, Joshua Drake (@jduck) discovered multiple critical vulnerabilities in Stagefright library and provided patches to Google to secure Android. We provided these patches to carriers and vendors through Zimperium Handset Alliance (ZHA). While the patches have been applied, it may be years until they reach all devices.
Zimperium zLabs created a Detector app to validate that you are running a version that is not vulnerable to the discovered Stagefright vulnerabilities. Some phone vendors have released partial patches to the vulnerabilities disclosed and this app can help you to understand if your device is vulnerable or not.
Stagefright is a critical Android vulnerability. It allows hackers to get 'media' or 'system' privileges on your device after processing an incoming MMS message, by surfing the web any one of the 11 potential attack vectors. In many cases, the attack do not require any end-user action. To make matters worse, the attacker can delete the MMS before you open it.
In order to test if your device is vulnerable, we built the ‘Stagefright Detector’ app.
This app will tell you three major things:
- whether your device is vulnerable
- which CVEs your device is vulnerable to
- whether you need to update your mobile operating system
Stay protected: ZIMPERIUM Mobile Threat Protection enterprise customers, vendors and carriers are protected from the Stagefright vulnerability without requiring any special update.
This application anonymously collect the results of the test and shares it with device vendors and carriers through ZHA. We do not collect any personal information.
Carriers and Device Vendors that are interested to join Zimperium Handset Alliance and increase the security of its user base - join here: https://groups.google.com/forum/#!forum/zimperium-handset-alliances
About Zimperium:
Zimperium is a pioneer in advanced mobile threat protection, delivering enterprise-grade solutions for Android and iOS devices. Our solutions use patented machine-learning technology to detect host and network-based threats in real-time. Founded in 2010, Zimperium is backed by Samsung, Telstra and Sierra Ventures, and has enterprise customers across all major verticals worldwide.