When mobile security researchers recently discovered what they described as the “worst Android vulnerability in the mobile OS history,” there appeared little you could do about it beyond waiting for your carrier or manufacturer to push Google’s fix. The exploit could auto-run as soon as you received an MMS designed to trigger it, whether or not you opened the message.

The same researchers have now created an app that allows you to check whether or not your devices has been patched against Stagefright, together with a step you can take to prevent the exploit from running automatically … 


You can prevent the malware from auto-running on receipt of an MMS by disabling auto-fetching of MMS content. The Lookout blog put together instructions for doing this:

  • Open Hangouts
  • Tap the menu button in the top left corner
  • Tap Settings
  • Tap SMS
  • Scroll down and uncheck ‘Auto retrieve MMS’

If instead you use the Messages app:

  • Open Messages
  • Tap the menu button top-right
  • Tap Settings
  • Tap ‘Multimedia message (MMS)’
  • Uncheck ‘Auto retrieve’

You can find screengrabs, together with instructions for other messaging apps, over at the blog post.

Once you’ve done this, you’ll be protected so long as you take the obvious precaution of not manually opening any MMS message you weren’t expecting, even if it’s from a known contact.

Via Engadget

About the Author

Ben Lovejoy's favorite gear