Stagefright
MarkIWC
Enthusiast - Level 2

Is there a fix for "Stagefright"?

Do we have it yet?

Is disabling "Messaging" a valid workaround?

Labels (2)
1 Solution
Tidbits
Legend

Google already issued the fix to manufacturers, and they haven't implemented any fix.  It's up to them to complete it.  HTC already said they have it already implemented in their upcoming updates to their devices, but there is no telling when that will be.  All other manufacturers haven't said a thing yet.

T-Mobile said "It's up to the 3rd party vendors to issue a fix" and "If you want more information as your device manufacturer"

View solution in original post

16 Replies
bizzareone
Specialist - Level 1

This was just reported today. Its a software vulnerability not a vulnerability with the services that verizon provides. Google will issue a patch to the manufactures when they have the new code.

0 Likes
Reply
Tidbits
Legend

Google already issued the fix to manufacturers, and they haven't implemented any fix.  It's up to them to complete it.  HTC already said they have it already implemented in their upcoming updates to their devices, but there is no telling when that will be.  All other manufacturers haven't said a thing yet.

T-Mobile said "It's up to the 3rd party vendors to issue a fix" and "If you want more information as your device manufacturer"

MarkIWC
Enthusiast - Level 2

Droid Turbo is a Verizon only phone.  Also, Verizon has a Messenger+ app, that they could patch, right?

0 Likes
Reply
Heretic1989
Specialist - Level 2

If VZW actually created the messenger + app, then they can check it themselves. If they didn't. Then they would have to contact the person and/or company that made that app.

0 Likes
Reply
Tidbits
Legend

Guys... It's NOT the apps. It's the OS... If it was the app then Google would NOT have to come out with a fix and push it out to manufacturers. It's up to the manufacturers to fix it. Regardless of popular belief carriers don't touch code.

If you want to protect yourself for now turn off auto retrieve.

Ann154
Community Leader
Community Leader

Tidbits wrote:

If you want to protect yourself for now turn off auto retrieve.

That was an easy enough fix for the time being.

I'm most definitely NOT a VZW employee. If a post answered your question, please mark it as the answer.

Piscestg
Specialist - Level 1

Also, someone in the Motorola owner's forum suggested to disable "Hangouts", which I did before any way. And as suggested prior here, turn off Auto Retrieve.

0 Likes
Reply
jeffhardy
Newbie

It may be the OS -- all OSs have bugs that usually get fixed pretty quickly as this one did. The problem here is that Verizon takes literally forever to release OS updates. If this isn't a reason to ditch Verizon, or at least not to use Verizon versions of phones, I don't know what is.

0 Likes
Reply
Tidbits
Legend

Show me where the release of the bugs anywhere were fixed. There's a difference between an OS update and an exploit. This has been explained in other threads. Its on the manufacturers table and there is no OS update/upgrade needed to fix this problem.

0 Likes
Reply
Heretic1989
Specialist - Level 2
derrydavis
Enthusiast - Level 3

This impacts most if not all Android phones. May want to follow the thread here Will Verizon release a patch for the recently announced vulnerability of Android phones to hacking v.... The more customers following and posting to it may get the attention of the Verizon overlords sooner.

0 Likes
Reply
rcschnoor
Legend

derrydavis wrote:

The more customers following and posting to it may get the attention of the Verizon overlords sooner.

You mean like the thread(s) which were hot topics for many months with thousands of replies asking when Android Lollipop would be pushed to their phone???

derrydavis
Enthusiast - Level 3

You had to bring that up! Maybe enough bad press? But I do think this is on a different level because it could end up costing customers people. Any idea if there is wording the contract about maintaining security on devices? Who is responsible? I have a feeling I know what it is but I think it should be on the vendor controlling the device.

0 Likes
Reply
Heretic1989
Specialist - Level 2

Here's some more info. Some of it is piggybacking the 1st link i posted. Some of it isn't.

Stagefright: It Only Takes One Text To Hack 950 Million Android Phones - Forbes

0 Likes
Reply
tysonef163
Enthusiast - Level 2

VZW chat reps say there's a feature called Verizon Protect and Security that is a substitute until the fix is issued....but I have no details from that rep on what that does, and why a Google fix would be necessary if VZW has one....stonewalling and silence is all you ever get from VZW on such topics as software updates

0 Likes
Reply
bdstx4
Contributor - Level 1

StageFright has actually been around a couple years. The only thing you can do is go into the settings of your Message program and uncheck "Auto-Retrieve". This will make it to where every text you receive will show a "Download Now" for all text message attachments. Do not press "Download now" for people you do not know and trust. The is the only work around there is until Google fixes android. This is a base Android vulnerability. Google's responsibility. So no manufacturer like Motorola, Samsung, etc. can fix it.