Just months after the original Stagefright attack, it's back with a vengeance, meaning you Android device is vulnerable to attacks.
The original bug, which appeared back in July, meant users were exposed to hacks by simply opening a link in an MMS message.
The same security company that found the original vulnerability has now found a newer version that have been dubbed Stagefright 2.0. Here's our explainer of what Stagefright is and how you can avoid your phone getting hit.
What is Stagefright 2.0?
The researcher at Zimperium Security, who found the original vulnerability, has discovered two new ways to access the hack.
Attackers can get access to your Android device after downloading specially crafted MP3 audio and MP4 video files.
You could download these files by being sent to a suspicious URL, by an attacker on the same network, or through third party apps.
How to avoid Stagefright 2.0
Our best tip is to not download any free MP3 or MP4 files from unknown sites. If you're teased into a deal for free music or anything, be sure to avoid it.
That said, there's no real way of entirely avoiding Stagefright 2.0 as it can be placed within third party apps. Your best bet is to not download any apps you're uncertain of right now.
What is Google doing to combat Stagefright 2.0?
Google will be releasing an update to tackle the new hack at some point next week. That'll then take a little while to roll out to Nexus devices, and then it's going to take a bit longer for those on other manufacturers.
That's the main issue here – manufactures can't get their updates quick enough to combat these issues.
Security expert Graham Cluley told techradar, "These critical Android vulnerabilities appear to be coming around with disturbing regularity.
"What worries me most, however, is that many Android users are completely lacking any easy means to receive an update to their OS, which means they are potentially sitting ducks for an attack."
So in sum, avoid downloading dodgy files from unknown sources, and be sure to update your Android software at the first possible moment to keep safe.
Article continues below