If you’re using a phone running Android 2.2 or any later version (and you likely are), do us a favor and get this done, pronto:
- Open your Messages app and get to its Settings page.
- Scroll down to the MMS settings section and tap on “Auto Download MMS.”
- Then, turn off the auto-download (or auto-retrieve) feature on any and all of your SIMs.
That done, here’s the reason why: Stagefright.
Starting with Android 2.2, the mobile operating system has had the Stagefright code library for playback of multimedia messages. And mobile security firm Zimperium announced on July 21 that the Stagefright library is a Petri dish for numerous bugs, any of which will allow infection not only of your phone but also those of others on your contacts list.
The Stagefright bugs make your phone vulnerable to malware infection through multimedia messages, yes, those MMS messages that hardly anyone uses because its cheaper to simply toggle on your data connection for sending pics, vids and over the ‘Net.
But, even if you haven’t used MMS since the last decade, you’re phone remains vulnerable if it still has those default settings for an MMS access point and for automatically downloading any such message that’s sent your way. That’s why the workaround, to let you screen any MMS messages that may get through … and delete the message if no friend told you to expect a picture or video sent this old-fashioned and expensive way.
It would’ve been better to remove/disable all MMS features on your phone but you’ll find that the MMS access point or APN can’t be deleted from the list. The APNs on your phone’s list seem to be synchronised with those of your chosen Telco (i.e. Globe, Smart, Sun, etc.).