Check your Android device for 22 vulnerabilities
Google’s latest Android update has fixed another stack of security vulnerabilities, including yet more Stagefright issues.
This doesn’t mean you’re safe, of course -- OEMs can take a very long time to release their own updates, and older devices may not get them at all.
VTS for Android is a free open source app which can check your phone or tablet for 22 known device vulnerabilities, alerting you to any potential problems.
Installation can be awkward. Avast warned us that the app was malware, apparently because of its Stagefright detection code.
This is an open source project from a known and trusted developer, though, so it looks to us like the kind of false alarm you often get with security tools (check out the GitHub page and developer’s site if you need to find out more).
Launch VTS for Android and there’s a pause while it gathers and displays some basic system information.
Hit the Search button when it appears to launch the Device Vulnerability Scanner.
Around 30 seconds later our results were in. Every tested vulnerability was listed -- futex, GraphicBuffer::unflatten, lots of Stagefright variants, and more -- along with our "at risk" rating, in reassuring green or time-to-panic red.
There’s no context provided, unfortunately. If your device turns out to be vulnerable to "CVE-2015-3636/pingpong", you can’t tap the alert to get a description of what that actually means.
Still, VTS for Android does at least provide warnings for a lot of vulnerabilities, and that alone makes it worth the download. Go check your device immediately.