I don’t know how I missed news of this security Vulnerability, I guess i’m not really digging into the web like I used to before. Although many of you might know this already I decided to write about it here just in case.
Apparently there’s a security flaw/bug that allows attackers to exploit a flow in the MMS messaging that will give attackers the ability to read the phone’s directories. An example of this is shown the following video :
To be able to successfully protect yourself from the vulnerability you have to ensure that you update your device to the latest firmware and make sure that you have the latest software updates to your handset. Truth be told, not all manufacturers will update their phones in the same time and you might find updates rolling out soon enough. Therefor if your phone is still vulnerable after the updates, continue reading on!
To identify if you’re phone is vulnerable all you have to do is download an app (created by the guys that discovered the actual bug/vulnerability) and it will simply show if your phone is affected or not.
Tried it with my phone and guess what – Its Vulnerable !
I also check my phone for updates but it was up to date, both apps and fimware.
You can have a look at their Best Practices which basically mean to be safe until the update you have to disable the MMS auto download feature!
They have a good write up here.