Android Security Update
The Pixavi Blog

Android Security Update

How BARTEC PIXAVI implemented the "Stagefright" fix faster than any other Smartphone vendor. Read more about how BARTEC PIXAVI ensures the safety of our devices.

August 03, 2015

Android is by far the most popular, user friendly and time tested mobile operating system ever made. Since Android is open source, it is popular among both developers, security experts as well as millions of end users. Android is arguable the most secure mobile operating system, since the software is made using modern security policies under constant monitoring by both Google and third party security experts. BARTEC PIXAVIs has an unique product strategy with full control over both hardware and software. For this reason we were probably the worlds first smartphone vendor to release a software fix for a recently discovered security flaw within Android itself. 

Update 20.08.2015 – Latest fixes has been deployed. This includes a 0-day patch released by Exodus Intelligence. This will be released in the latest firmware update coming to all Impact X devices soon. Check your device with the Zimperium Stagefright Detector app on Google Play.

Security experts have recently revealed an Android security exploit called “Stagefright”. The “Stagefright” error relates to the MMS (multi media message) functionality and makes 95 % of Android devices vulnerable to an attack using “Stagefright” permissions to the media library such as images and videos stored on the Android devices onboard memory as well as SD cards. The security error also affects Bluetooth. All versions of Android dating back to Android 2.2 is affected. Users could be exploited without knowing, since the command can be sent to the phone silently. 

Pasted image at 2015_08_20 13_45

How

The good news is that there is already a software patch to fix to the problem which has been deployed by Google. However, this software fix will not reach the normal Android user for a long time. Google says that it is the manufacturers responsibility to deliver these updates. Normally, it takes up to 6 months for updates to be available from most manufacturers. For older products there might never be a fix available. Devices which are not the current “flagship” product will most likely never get the update. According to Forbes, not a single manufacturer has shipped a fix for their users to date (27.07.2015). Google itself explains that they will ship the fix to their own line of “Nexus” phones during August this year, more than 3 months since the error and software patch was first reported to, and accepted by, Google itself.

BARTEC PIXAVI is constantly monitoring the security of our products. When we learned about “Stagefright” we made immediate efforts to secure BARTEC PIXAVI Impact X Smartphone which was affected by this error. Within a few days we had implemented the official “Stagefright” software patch and rolled it out to all Impact X users worldwide using our state of the art OTA (Over The Air) software update system. This means that you can safely use your Impact X and not be vulnerable to this “Stagefright” bug if you are running the latest firmware for your Impact X. BARTEC PIXAVI was probably one of the very first smartphone vendors to release this patch, long before all of the big smartphone manufacturers. This proves BARTEC PIXAVIs unique strategy of having full control over the value chain, including hardware, software and support. BARTEC PIXAVI users will always be among the very first who get access to security updates such as the “Stagefright” security patch. 

Fix

ImpactX_Product_photo_HD

If you do not want to update the your BARTEC PIXAVI Impact X to the latest firmware, or you read this having a smartphone from another vendor who have not released a software fix yet, there is another solution to the problem which you can implement yourself. You can remove the MMS-configuration on your phone. Removing the MMS-configuration will make the device secure again but unable to send and receive MMS. You remove the MMS-configuration by accessing “Settings” -> “Wireless and Network” -> “Mobile Networks” -> “Access Point Names” and choose “Delete” or delete the APN settings individually. 

Read more about Android security and about Android for work. If you have any questions, security related or other, do not hesitate to contact us. The Stagefright detector app can be downloaded here.