Your Android smartphone can be hacked with one message

PsYTraNc3

Expert Member
Joined
Jan 4, 2012
Messages
3,277
Who uses MMS only criminals?

Hardly anybody but this "The worst attacks require no user interaction. This means that an Android phone can be attacked by only knowing a user’s number, using remotely-executable code via a specially crafted media file delivered via MMS." is still a problem.
 

Ho3n3r

Honorary Master
Joined
Apr 5, 2012
Messages
17,062
Hardly anybody but this "The worst attacks require no user interaction. This means that an Android phone can be attacked by only knowing a user’s number, using remotely-executable code via a specially crafted media file delivered via MMS." is still a problem.

Exactly. You don't need to ever send one to receive one.
 

Rocket-Boy

Executive Member
Joined
Jul 31, 2007
Messages
9,450
Lovely :D

NOT :(

Can one disable the receiving of MMS completely?

It used to be that MMS settings were separate from the internet APN, not sure if its still the case but you should be able to remove them to stop it working.
 

Arthur

Honorary Master
Joined
Aug 7, 2003
Messages
25,406
I can just hear the chorus of "fail!" if that vuln had been in Windows Phone. Deafening silence from the choc fac fanz. :D
 

eg2505

Honorary Master
Joined
Mar 12, 2008
Messages
22,336
oh no;

many android will be dropped now for apple instead;
 

eg2505

Honorary Master
Joined
Mar 12, 2008
Messages
22,336
oh no;

many android will be dropped now for apple instead;
 

PsYTraNc3

Expert Member
Joined
Jan 4, 2012
Messages
3,277
Lovely :D

NOT :(

Can one disable the receiving of MMS completely?

With most phones you are able to turn off auto retrieval.
It will be easy then to check if an MMS is coming from a number you recognize before downloading it.

Other alternative is to copy your providers internet\MMS settings and leave out the MMS part.
 

MickZA

Executive Member
Joined
Jan 19, 2007
Messages
7,575
Zimperium’s advanced Enterprise Mobile Threat Protection solution, zIPS, protects its enterprise customers from Stagefright vulnerability.
Hmm, I'm always suspicious when security companies identify threats and offer a solution at the same time.
 
Top