Original release date: July 28, 2015

Android devices running Android versions 2.2 through 5.1.1_r4 contain vulnerabilities in the Stagefright media playback engine. Exploitation of these vulnerabilities may allow an attacker to access multimedia files or potentially take control of a vulnerable device.

Users and administrators are encouraged to review Vulnerability Note VU#924951 for more information. US-CERT recommends affected Android users contact their wireless carrier or device manufacturer for a software update.

This product is provided subject to this Notification and this Privacy & Use policy.