Aarti Shahani, reporting for NPR:

In this attack, the target would not need to goof up — open an attachment or download a file that’s corrupt. The malicious code would take over instantly, the moment you receive a text message.

“This happens even before the sound that you’ve received a message has even occurred,” says Joshua Drake, security researcher with Zimperium and co-author of Android Hacker’s Handbook. “That’s what makes it so dangerous. [It] could be absolutely silent. You may not even see anything.”

And we all thought the iOS text message vulnerability was bad. But this is a serious exploit, especially considering how long it takes for most Android devices to receive OS updates.

(Via John Moltz.)