OneBulkyGuy 0 Posted July 28, 2015 Share Posted July 28, 2015 Are our phones protected from the most recent android text hack that affects 95% of all android phones? Here is a link to the article: hxxp://www.good4utah.com/story/d/story/android-phones-can-be-hacked-with-a-simple-text/31639/Cff8imlmvU2S4FA0lbAEfQ Please advise! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,072 Posted July 30, 2015 Administrators Share Posted July 30, 2015 Since MMS are out of control of any application other than the default messaging application from Android 4.4 (Kitkat) onwards, your phone will be vulnerable until your phone's manufacturer releases patches for the vulnerability. For more information about the Stagefright vulnerability, please refer to hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3751. Link to comment Share on other sites More sharing options...
OneBulkyGuy 0 Posted July 30, 2015 Author Share Posted July 30, 2015 Ummm, that's not what your Customer Service told me a few days ago when I posted this. I was told by your online techs that MMS and Texts were covered under the Android Eset Security App for the $15 per year. I need you to please re-verify this information. I'm a little miffed off since due to the information I received prior to your reply here on the forum, I suggested to many people to purchase your app because it protects them. If this ends up not being true, I'm going to be contacting you and doing some yelling and expecting my friends and family members who signed up just because of this, to receive full refunds. it's too bad, this is the first thing that I have seen Eset not be able to provide security for. Also, from the online tech, they told me it was a Google exploit and that google is on top of it. Looking forward to your prompt and accurate follow up response and perhaps some details of why exactly your application, even with the LIVE GRID doesn't stop this. Link to comment Share on other sites More sharing options...
Rook 2 Posted July 31, 2015 Share Posted July 31, 2015 I think you're confusing the issue here @OneBulkyGuy. There is no way an antivirus program can protect/patch an exploit or vulnerability, this is a big reason why operating systems get updated. But it would likely add a layer of protection to a malware-related payload on the phone. Link to comment Share on other sites More sharing options...
mathuaerknedam 0 Posted August 6, 2015 Share Posted August 6, 2015 (edited) I think you're confusing the issue here @OneBulkyGuy. There is no way an antivirus program can protect/patch an exploit or vulnerability, this is a big reason why operating systems get updated. But it would likely add a layer of protection to a malware-related payload on the phone. ESET NOD32 explicitly lists "exploit blocker" as a feature because protection from vulnerabilities is a basic function of this sort of product. Security software is not categorically limited to scanning downloads for the fingerprints of known malware. Good security software will do that, but will also employ heuristics to watch for suspicious behavior and log it in addition to either blocking it or asking the user for confirmation. For example, it's not too uncommon for debuggers or other development tools to require user-whitelisting because their behavior is suspicious by function. It does seem that ESET and other security companies can't provide the same level of protection on Android that they do on Windows. That's disappointing, and I'm surprised I haven't yet found any Security company explicitly admitting such limitation. I can understand it when used on stock phones, but I would expect better options for phones that are rooted. Edited August 10, 2015 by mathuaerknedam Link to comment Share on other sites More sharing options...
goon-heaven 0 Posted August 10, 2015 Share Posted August 10, 2015 I would like to see an ESET MMS app. Link to comment Share on other sites More sharing options...
mathuaerknedam 0 Posted August 10, 2015 Share Posted August 10, 2015 (edited) Zimperium reported on July 30 (9 days ago) that they believe that this is being exploited in the wild. In the same post, they write "Zimperium’s Mobile Threat Protection customers are safe from this threat, even without updating the device to the latest Android version." If they are to be believed, this confirms that Android security software *can* protect from the Stagefright exploit. Trend Micro claims to offer "a layer of protection", but I interpret that as meaning "probably better than nothing". ESET makes no claim of protection, and only advises app-level mitigations (for MMS and web browsers) while ignoring vulnerabilities through other video-capable apps or through malicious apps. Would ESET protect against malicious apps? This article on The Hacker News provides a good high-level description of the non-mms attack vectors. For more detail, read Trend Micro's report. FWIW, the latest versions of Textra and Chomp SMS have Stagefright-specific protections that default to on. This is in addition to to Google's Messages and the other SMS/MMS apps that are normally mentioned in mitigation procedures. Edited August 10, 2015 by mathuaerknedam Link to comment Share on other sites More sharing options...
aziz07 1 Posted August 12, 2015 Share Posted August 12, 2015 Eset on windows has a long history while Android AV are recent. Also, Google is the one responsible for such flaws. Link to comment Share on other sites More sharing options...
Recommended Posts