A major security flaw has been discovered in Android operating systems, versions 2.2 & onward; it has been termed Stagefright.  Miscreants can take control of affected Android devices simply by sending  a specially crafted multimedia text message.  Apparently, up to 1 billion devices around the world are at risk.

Imagine a scenario where someone takes control of your friend’s phone through Stagefright and infects it with an automatically propagating virus (known  as a worm).  The worm then automatically sends the specially crafted malicious multimedia text message to everyone in your friend’s contact list, taking control of all those phones.  Your phone number is within your friend’s contact list so therefore you are now infected and the worm has control, which in turn infects everyone in your contact list.  Given this scenario, it is entirely conceivable that you will, at some point in the future, be attacked by this.

You will be at risk, until: you take measures to protect yourself, or your device manufacturer or phone carrier patches up your software.

If you are running the original equipment manufacturer’s (Samsung, etc.) or phone carrier’s (Bell, Rogers, etc.) pre-installed operating system, they may not send you the update that you need, especially if you are using a device from years past.  You could contact your phone carrier or device manufacturer to find out whether or not they are going to provide updates for the operating system.

If you installed an operating system on your own (such as CyanogenMod) you should update it immediately.

The most likely scenario is: you did not install an operating system on your own and you might not receive an update for your operating system from the carrier or manufacturer; in this case, it’s possible for you to block MMS (multimedia text messages).  There are a number of apps on the google play store that can help block MMS.  This one in particular looks useful but I haven’t yet tried it.

You might be able to disable automatic downloading of MMS to provide minimal protection.  It should only take 5 minutes and won’t incur any negative side effects.  To do so: open your messaging app (press Messages on screen), press the menu button, then press Settings/Options.  Search through to find the option to disable MMS auto-retrieve.  Following that, don’t open any multimedia text messages unless you are sure they are legit (hint: someone in control of your friend’s phone can pretend that they are sending you a legit message, perhaps even responding to your inquiries when you’re trying to determine whether or not your friend actually sent you a legit message.  The minimal level of protection suggested by this here method is hardly sufficient).