HIGHLIGHTS
·
f exploited QuadRooter flaw gives attackers complete control of
devices
A new Android
flaw has been reported by security researchers that is claimed to affect
roughly 900 million Android devices. Check Point mobile research team first
reported the issue and claims that it affects all devices using Qualcomm
chipsets.
Dubbed
'QuadRooter', it is said to be a set of four vulnerabilities affecting Android
devices built on Qualcomm chipsets. The research team
explains that if any one of the four vulnerabilities is exploited, an attacker
can trigger privilege escalations for the purpose of gaining root access to a
device. The team also claimed that the QuadRooter vulnerabilities are present
in software drivers that ship with Qualcomm SoCs. "Any Android device
built using these chipsets is at risk," notes Check Point.
Qualcomm informed ZDNet that
patches for the issue were released to "customers, partners, and the open
source community between April and the end of July."
One of the
biggest concerns with the QuadRooter vulnerability is that the buggy software
is pre-installed on devices at the point of manufacture, and can only be fixed
via security patch released by the carrier or distributor. "Distributors
and carriers issuing patches can only do so after receiving fixed driver packs
from Qualcomm," adds Check Point in a blog post.
ADVERTISEMENT
"An
attacker can exploit these vulnerabilities using a malicious app. Such an app
would require no special permissions to take advantage of these
vulnerabilities, alleviating any suspicion users may have when
installing," explains Check Point mobile research team.
Some of the popular devices said to be affected by the new
QuadRooter flaw include BlackBerry Priv, Google Nexus 5X, Nexus 6P, HTC 10, LG
G5, Moto X, OnePlus 3, and Samsung Galaxy S7 among others. The team also
claimed that secure phones - Blackphone 1 and Blackphone 2 - are also likely to
be affected by this vulnerability. Adam
news from gadgets 360
Mobiles News 900 Million Android Devices Affected by Critical 'QuadRooter' Vulnerability
Reviewed by CITIADDA
on
August 09, 2016
Rating: