You're probably exposed to a massive new Android security flaw

If you own an Android smartphone, odds are you’re vulnerable to a security flaw that can be activated by one measly text message.

The “Stagefright” exploit, which was discovered by Zimperium zLabs in April, is considered by the consultancy to be much worse than last year’s HeartBleed vulnerability. That’s because a hacker is capable of launching a Stagefright attack on 95%, or 950 million, Android devices, by sending a multimedia message.

Even if you don’t open the message, the attacker is capable of recording audio and video on your device, which would then allow him or her to access your phone’s data and privileges. This means he or she can steal all of your current information and monitor future activity.

Who is at risk? Well, everyone

Older devices, such as the Samsung Galaxy S4 and LG Optimus Elite are particularly easy to hack into because they don’t have the technology embedded into the unit to isolate app data. However, any Android device manufactured after 2010 is susceptible to the exploit.

Google, which has known about Stagefright for more than a year, says newer devices make the exploit much more difficult to execute. It also says it has added seven patches to the Android operating system to stop the vulnerability, but it has not revealed which devices have been patched.

We have reached out to Google for comment. We will update this piece once we hear back.