Stagefright, which is being called one of the biggest smartphone security flaws ever, has prompted wireless carriers to take drastic steps to keep users safe from the exploit.
The security hole affects Android devices, almost a billion of them to be exact, and lets hackers take over the smartphone or tablet via a simple text message. A user doesn’t even have to open the text message for their device to be infected.
Google has come up with a patch for the vulnerability, but getting it to users isn’t an easy task.
Unlike Apple, Google’s Android operating system is used by many hardware manufacturers, so phone makers must first implement the update for each device they manufacture that uses Android, then the wireless carrier must approve it and roll it out.
But even then, there’s no guarantee that it will get updated because the consumer approve it before the update is made.
In response to the issue, at least one carrier, the German carrier Deutsche Telekom, has taken the bold step to completely turn off auto-retrieval of MMS on its network. This means that any message with a multimedia element, like a video, will instead come through as a SMS message and a link to the video. A user must then type in a passcode before they can view the video.
Other carriers including AT&T and Sprint are rolling out updates with the security patch to specific devices.
"We support Google and our equipment manufacturers in their efforts to deploy a fix. The software patch is being pushed to the first Android handset model from Sprint by an equipment manufacturer now. Additional devices should start receiving a software patch in the coming weeks," a Sprint spokesperson told Tech Insider.
The first patch the carrier will deploy will be for Samsung's Note 4 device, the spokesperson said.
AT&T will also soon make an update available for the following devices:
- Samsung Galaxy Note 4
- Samsung Galaxy S6
- Samsung Galaxy S6 edge
- Samsung Galaxy S6 Active
- Samsung Galaxy S5
- Samsung Galaxy S5 Active
In a statement to Tech Insider, T-mobile said they are staying in close touch with device partners, but did not say if they were releasing any updates soon.
"At this time, we have not identified any active exploits related to the vulnerability, but we have stepped up additional monitoring for any unusual activities," T-Mobile said.
Tech Insider reached out to Verizon to see if they are also planning to soon roll out updates and will update the story as soon as we receive a response.
