Stagefright

Stagefright refers to various security bugs that target a library of code within the Android mobile operating system. The libstagefright media library is a common element in Android versions 2.2 and higher, and flaws within the library tend to be integer overflows that can lead to potentially exploitable memory buffer overflow conditions.

The Stagefright Android exploit was discovered by the security firm Zimperium, which first publicly reported the exploit on July 21, 2015. The following month Google committed to releasing a new monthly update cycle for the Android operating system at the Black Hat USA conference.

Google issued the first monthly update for an initial batch of Stagefright-related bugs in August, 2015, followed by another patch released in October to address a second bundle of bugs dubbed Stagefright 2.0.

Stagefright Exploit Details and Device Protection Tips

The libstagefright library is typically used to help the Android mobile OS process video files and links to videos files that are sent via multimedia messages (MMS) and text messages. Because many messaging apps automatically process the videos so that they’re ready to be viewed upon opening the message, the Android Stagefright exploit could be compromised without the user’s knowledge.

The Stagefright exploit could potentially enable an attacker to gain access to the mobile device’s camera, the Internet, all audio streams and Bluetooth administration. Despite hundreds of millions of Android devices operating with the flawed libstagefright library, there’s no evidence at this time of the Stagefright exploit being compromised in the wild.

Android users are encouraged to upgrade their mobile devices to a more recent release of Android like Android Lollipop (5.1 and higher) that is supported by the device vendor and that contains patches for Stagefright. Users can also protect themselves by disabling the Auto Retrieve feature in messaging apps so that videos won’t automatically load in the background and potentially infect the device.

Forrest Stroud
Forrest Stroud
Forrest is an experienced, entrepreneurial and well-rounded professional with 15+ years covering technology, business software, website design, programming and more.

Top Articles

Huge List Of Texting and Online Chat Abbreviations

From A3 to ZZZ we list 1,559 text message and online chat abbreviations to help you translate and understand today's texting lingo. Includes Top...

How To Create A Desktop Shortcut To A Website

This Webopedia guide will show you how to create a desktop shortcut to a website using Firefox, Chrome or Internet Explorer (IE). Creating a desktop...

The History Of Windows Operating Systems

Microsoft Windows is a family of operating systems. We look at the history of Microsoft's Windows operating systems (Windows OS) from 1985 to present...

Hotmail [Outlook] Email Accounts

  By Vangie Beal Hotmail is one of the first public webmail services that can be accessed from any web browser. Prior to Hotmail and its...

Unregulated Power Supply Definition...

An unregulated power supply is a system that transforms input voltage into direct...

Cybersecurity Awareness Training Definition...

Cybersecurity awareness training informs employees of the attack surfaces and vectors in their...

OST File Definition &...

An OST file, or offline storage table (.ost) file, is an Offline Outlook...