While an official proof of concept has not been released, NowSecure researchers have reviewed the available details and believe the Stagefright vulnerability is credible.
The attack is based on the Stagefright library, which includes handling decoding of audio and video files and associated metadata. Patches are available but working through distribution channels.
Until patches have been applied, Android device users can better protect themselves by disabling auto downloading of MMS, as this is the easiest approach an attacker would take to exploit the vulnerability en masse. Third-party SMS applications are unlikely to prevent the vulnerability unless they specifically disable loading of media. Simple avoidance of viewing untrusted media files may not be sufficient to mitigate risk as many applications, including browsers, can automatically trigger the vulnerability. Ultimately the only true mitigation is to be patched.