Zimperium releases Stagefright detection tool and vulnerability demo video
We've already looked at the Stagefright vulnerability, discovered by Zimperium, and shown what can be done to deal with it. Affecting up to 95 percent of Android devices, the vulnerability has led to Google and Samsung announcing monthly security updates.
Now the mobile security company has released additional details about how the exploit works. To help explain the vulnerability, a video has been produced which uses a Stagefright demonstration to illustrate it in action. Zimperium has also released an Android app that checks devices for the vulnerability.
Stagefright is a particularly worrying vulnerability as it allows for exploitation without the need for user interaction -- simply receiving an MMS is all it takes. Zimperium has provided details of the exploit to handset manufacturers but warns that it could take some time for patches to be applied to all affected devices.
A free copy of the Stagefright Detector app can be downloaded from Google Play. This reveals whether a device is vulnerable, and indicates whether an OS update is needed. In a blog post, the security company said:
We are working with carriers and device vendors to design solutions to protect users that do not currently have Zimperium zIPS on their phones.
Check out the video below, produced by Stagefright discoverer Joshua Drake, which demos the vulnerability: