mathuaerknedam

Zimperium reported on July 30 (9 days ago) that they believe that this is being exploited in the wild. In the same post, they write "Zimperium’s Mobile Threat Protection customers are safe from this threat, even without updating the device to the latest Android version." If they are to be believed, this confirms that Android security software *can* protect from the Stagefright exploit. Trend Micro claims to offer "a layer of protection", but I interpret that as meaning "probably better than nothing". ESET makes no claim of protection, and only advises app-level mitigations (for MMS and web browsers) while ignoring vulnerabilities through other video-capable apps or through malicious apps. Would ESET protect against malicious apps? This article on The Hacker News provides a good high-level description of the non-mms attack vectors. For more detail, read Trend Micro's report. FWIW, the latest versions of Textra and Chomp SMS have Stagefright-specific protections that default to on. This is in addition to to Google's Messages and the other SMS/MMS apps that are normally mentioned in mitigation procedures.

ESET NOD32 explicitly lists "exploit blocker" as a feature because protection from vulnerabilities is a basic function of this sort of product. Security software is not categorically limited to scanning downloads for the fingerprints of known malware. Good security software will do that, but will also employ heuristics to watch for suspicious behavior and log it in addition to either blocking it or asking the user for confirmation. For example, it's not too uncommon for debuggers or other development tools to require user-whitelisting because their behavior is suspicious by function. It does seem that ESET and other security companies can't provide the same level of protection on Android that they do on Windows. That's disappointing, and I'm surprised I haven't yet found any Security company explicitly admitting such limitation. I can understand it when used on stock phones, but I would expect better options for phones that are rooted.