An expert on smartphone security has discovered a crucial flaw in Android’s OS that could see 95 percent of phones hacked into via MMS messaging.
Joshua Drake from Zimperium zLabs said that hackers would only need your mobile number. Once available they remotely execute a set of code via a media file through an MMS. He claims that the attack may actually be able to delete the offending MMS during its execution leading you to only see the notification.
Drake reported these vulnerabilities to Google and also submitted patches for them to use. While he claims that Google has already applied the patch to the code, pushing the updated code to devices worldwide will be ‘lengthy process of update deployment’.
Such updates for Android devices have traditionally taken a long time to reach users. Devices older than 18 months are unlikely to receive an update at all. This is because rolling out fixes to individual phones is dependant on the manufacturer and the service used to update the phones.