Android users today are becoming more concerned about the security of their devices and opt for all security measures, including antivirus for Android devices. At the same time, we get to hear about new vulnerabilities that affect devices, including Android devices. Here’s an addition to the list of Android vulnerabilities…
Over 900 million Android phones are reportedly affected by four “high” risk escalation vulnerabilities, which have been dubbed ‘QuadRooter’.
Researchers at Security firm Check Point have disclosed details about this set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team presented its findings in a session at DEF CON 24 in Las Vegas.
A post made on the Check Point blog discusses the vulnerabilities in detail. Under the heading “What is QuadRooter?” they say- “QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.”
Qualcomm chipsets are found in some of the latest and most popular Android devices available today, including BlackBerry Priv, Google Nexus 5X, Nexus 6, Nexus 6P, Samsung Galaxy S7, Samsung S7 Edge, Blackphone 1, Blackphone 2, Sony Xperia Z Ultra, Motorola New Moto X etc.
The Check Point blog post explains- “QuadRooter vulnerabilities are found in software drivers that ship with Qualcomm chipsets. Any Android device built using these chipsets is at risk. The drivers, which control communication between chipset components, become incorporated into Android builds manufacturers develop for their devices.”
A hacker who wants to exploit these vulnerabilities can trick the user into installing a malicious app. Such an app would require no special permission to exploit these vulnerabilities.
Check Point researchers explain the risks involved in case an Android phone is attacked exploiting these vulnerabilities- “If exploited, QuadRooter vulnerabilities can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise data on them. Access could also provide an attacker with capabilities such as keylogging, GPS tracking, and recording video and audio.”
Check Point also lists a few best practices that could help Android users keep their devices safe, from all kinds of attacks. These include downloading and installing the latest Android updates as soon as they become available, understanding the risks of rooting Android devices, examining all app installation requests carefully before accepting them and making sure they are legitimate, avoiding side-loading Android apps, avoiding download of apps from third-party sources, reading permission requests carefully when installing apps, using known, trusted Wi-Fi networks only and using apt mobile security solutions. It’s in fact more advisable to download apps only from Google Play.
As regards sorting the issue, Check Point has this to say- “Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm.”
Qualcomm has reportedly fixed all flaws and had reportedly issued patches to customers, partners, and the open source community between April and the end of July.
It’s always good that Android users stay updated about all vulnerabilities and flaws that could affect their devices. Yes, there is more to security than just using or updating antivirus for Android.