You’ve probably heard about the latest Android vulnerability that apparently affects over 900 million Android devices. It’s called StageFright, and the worry is that malware can be embedded in a video that could then run roughshod in your device without you initiating any action whatsoever. The malware ridden video would be sent by MMS and your device would download it automatically, thanks to the auto retrieve setting being ticked in settings of the messaging app. While most carriers are waiting for phone manufacturers to issue software patches to block the exploit, Germany’s Deutsche Telekom is taking a more pro-active approach by disabling the MMS auto-retrieve function itself.
This means that when Deutsche Telekom customers are sent a new MMS, instead of it being downloaded automatically, a SMS notification will be received saying:
“You have a new MMS. You can follow this link to download within 3 days (with credentials like number and passcode)”
Once you click the URL within the SMS, you will be asked to type in your credentials and passcode. While it isn’t a surefire way to avoid being a victim of the StageFright exploit because the manually downloaded video could still contain malware, it is another barrier. Deutsche Telekom says that once the exploit has been patched, they will re-enable the MMS auto-retrieve function.