A year ago, a set of serious Android vulnerabilities collectively called Stagefright emerged. It was said to affect more than a billion Android phones globally, essentially any phone with Froyo 2.2 and above, and security researchers dubbed it as "the worst Android vulnerability ever."
How bad was this exploit? Researchers warned that the flaws were so critical that a phone can be hacked and taken over with just a single text. All the attacker needed to do was send a multimedia message (MMS) with the exploit and it would automatically attack the phone as soon as the message was received.
Scarier still, the user doesn't even have to view the malicious MMS. The attack occurs even before the message notification sound is heard and there's nothing that can be done to prevent it.
Since that time, Google has already issued patches for 115 flaws, a majority of them are directly related to the Stagefright exploits. With all these fixes, you would think the Stagefright scare is way behind us now.
But not so fast.
According to security researchers, even after a year of updates and patches, hundreds of thousands of Android users are still at risk. The vulnerabilities are still out there, just waiting for someone to exploit them.