After the discovery of Stagefright vulnerability, we saw Google and Samsung announcing they would provide security patches to the Galaxy and Nexus range of mobile devices about once every month, starting with the Stagefright patch. Now, LG and Motorola are the latest to join the two firms confirming that they would too be taking the vulnerability seriously, and LG, besides issuing a patch, also says it will boost its security update frequency to a monthly basis.
In response to the Stagefright vulnerability and Google's announcements, an LG representative last week was quoted by Wired to say, "LG will be providing security updates on a monthly basis which carriers will then be able to make available to customers immediately. We believe these important steps will demonstrate to LG customers that security is our highest priority." It is not yet clear as to which LG handsets would be receiving the updates.
Motorola too gave details on the handsets it would be rolling out the Stagefright vulnerability patch to - essentially smartphones released since 2013. The list includes Moto X Style (patched from launch), Moto X Play (patched from launch), Moto X, Moto X (Gen 2), Moto X Pro, Moto Maxx/Turbo, Moto G, Moto G Gen 2, Moto G Gen 3, Moto G 4G, Moto G (Gen 2) LTE, Moto E, Moto E Gen 2, Moto E (Gen 2) 4G, Droid Turbo, and Droid Ultra/ Droid Mini / Droid Maxx.
As per the company blog post, the patch has already started reaching the carriers, which then would take a few days to reach the handsets. The unlocked devices would however, be getting the update sooner. Meanwhile, the company has advised its users to disable the auto-receiving MMS feature. Other manufacturers that are also issuing Stagefright patches include HTC, Sony, and Google for Android One devices.
Zimperium, the security firm which discovered Android's Stagefright vulnerability in July, has also released an app that allows users to check whether their device has the said vulnerability - the Stagefright Detector App.
Stagefright is an open source media player that is used by about 95 percent of Android devices, or about 950 million devices. Zimperium reported a vulnerability in Stagefright late last month that, if exploited, could let attackers to take control of an Android device by sending a specially crafted media file delivered by an MMS message.