Sony has said that it will release updates with patches for Stagefright vulnerability for Xperia Z series devices this month (August).
Until the update is available, Xperia owners can protect their devices by disabling the automatic download of MMS, says Sony in a statement issued to Xperiablog.
"Sony has received the patches from Google to correct the issue and are making them available through retail partners within ongoing software maintenance – updates will start rolling out over the next few weeks, with exact timings varying by region.
"Users can also take steps to protect themselves by disabling the automatic download of MMS messages and deleting those from unknown senders, exercising caution when opening email attachments, connecting to well-known Wi-Fi networks and ensuring websites, services and application stores are authentic."
Prior to this, Google had announced, at the Black Hat 2015 event, that a fix would be issued in August for Xperia phones such as Xperia Z2, Z3, Z3+ and Z3 Tablet Compact. Other Xperia models along with hundreds of other devices would receive the security patch too.
Zimperium researchers, who discovered the Stagefright exploit has created an app – Stagefright Detector - using which you can test your Xperia phone to know whether it is susceptible to this attack. The Stagefright Detector app is available to install from Google Play Store.
Stagefright is a media playback service in Android, which basically unpacks and plays multimedia messages. The vulnerability in this could allow hackers to get media privileges of your device when processing an MMS, without any need of end-user action.