There’s a new set of exploits for the Android operating system that have been in the news lately. These threats have been named “Stagefright” after the media processing library where the problem was found. These vulnerabilities exist in all Android devices since version 2.2. Here at Spectralink we take the security of our products seriously. We already had many of the security problems fixed in the new 1.6 firmware release for the Spectralink PIVOT devices before “Stagefright” hit the news. Additionally, we have in place powerful, state of the art security features, mitigation strategies and best practices that help limit the impact of such security threats. These features help mitigate threats today and shield against future threats.
Of course, no system is perfect – and potential hacks are always a possibility. This is why we’d recommend some additional steps to protect yourself. The main focus in the media has been on one specific attack vector, an MMS message from an unknown party containing a malicious media attachment. Spectralink PIVOT devices are not vulnerable to this exact vector, but it is possible for an attacker to leverage these vulnerabilities in another way. Anywhere a media file can be opened is a potential way in for hackers. To close these off, turn off programs that will automatically load media files from unknown sources. Of course, never open any email attachment from unknown sources. And, lastly, limit web browsing to only known and trusted sites.
More details on “Stagefright” will be shared in the coming days. The authors of the exploit have a talk scheduled at this week’s Black Hat security conference and our experts are following the latest developments closely. Stay tuned and we will keep you up-to-date on how “Stagefright” could affect you and how best to protect your devices.