'QuadRooter' Vulnerabilities Put 900m Android Users At Risk Researchers Say
A research team at Check Point has detailed a new set of Android vulnerabilities that could potentially leave as many as 900 million users exposed to security threats. More specifically, the set of four vulnerabilities – dubbed "QuadRooter" by Check Point – is found within Qualcomm chips, which becomes a major problem when you realize that Qualcomm chips are used in 65% of Android devices.
These vulnerabilities are about as bad as they can get for the typical Android user, as they can potentially allow someone to take over a device entirely. All of the four vulnerabilities in QuadRooter allow for permissions escalation that could allow someone to gain root access to the device, and from there they can do most anything they want. From remotely using the camera on the device to take pictures or record video to using a keylogger to see what you're typing, a less-than-savory person has the potential to do a lot of damage exploiting one of these vulnerabilities.
Check Point notes that the Qualcomm chips that are affected are currently running on a lot of recent Android phones, listing a few of the most popular handsets now open to security risks:
- BlackBerry Priv
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
The main way an attacker would take advantage of these vulnerabilities is through a malicious app. The problem is that the app wouldn't require any special permissions to exploit the vulnerabilities, which could leave Android users susceptible to attack even if nothing seems suspicious.
Thankfully, ZDNet points out that Qualcomm has sent out fixed drivers to manufacturers, and that Google has already included patches for three of the four vulnerabilities in its monthly security updates. The fourth remains unpatched for the time being, and a fix for that should be included in the September security update.
However, Check Point says this highlights one of the main issues with security when it comes to Android. Since the drivers that are vulnerable are installed on a device at the point of manufacturing, device makers have to wait to receive fixed drivers from Qualcomm itself before those patches can be pushed to users. Those security patches also need carrier approval before they can be sent out over the air, which slows the process down further. Add the fact that manufacturers can sometime be lax when it comes to pushing patches out the door and you have a recipe for a slow response to a potentially serious security threat.
While you wait for final security patches to be pushed to your device, Check Point suggests you adopt some basic measures to avoid risk. These include downloading new patches as soon as they're available – since they usually come with fixes that increase security – using only trusted Wi-Fi networks, and avoiding apps that need to be side-loaded onto your device. Concerned users can also download Check Point's QuadRooter Scanner app from Google Play to see if their device is subject to these vulnerabilities.
SOURCE: Check Point