Site icon Wonderful Engineering

New Security Flaw Affects 900 Million Android Devices

Quad Core Root

Pic Credits: 4.bp

A recent report has revealed that a Quadrooter consisting of a set of four vulnerabilities or security flaws has affected all the Android devices functioning on Qualcomm chipsets. The problem is grave, as through the use of these loopholes, hackers and other malicious elements can easily manipulate the user’s phone and it’s activities.

This flaw was exposed by a security firm called Checkpoint Software Technologies. This was later on formally revealed by them at an annual security conference, DEF CON 24 in Las Vegas, Nevada.

Adam Donenfield who is the lead mobile researcher at the security firm said at the conference, “During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems.”

Most android devices around the world have been severely affected by this problem, which includes the latest Google Nexus 5X, Moto X, Samsung Galaxy S7 and even BlackBerry DTEK50.

After this issue was put into the limelight, the protocol set by CERT-CC (Computer Emergency Response Team Coordination Centre) was immediately applied. Qualcomm has received a time period of up to 90 days to clear the issues and distribute them to OEM’s and network carriers.

4.bp
4.bp

This has sent panic through the security as well as the android user circle, who now have understandable yet grave security concerns. One website offers a solution, by urging the users to download an app via Google Play that that can and remove the Quadroot virus.

According to the Federal Communications Commission (FCC) and Federal Trade Commission (FTC), consumers may be left unprotected and prone to be affected by hack attacks for long periods of time or even indefinitely if there are any delays in patching vulnerabilities.  They also showed concern that there are several delays in producing this patch, and that some of the older devices may never get patched.

However, Qualcomm has responded by putting our attention to the fact that they had fixed all the flaws between April and July, and also have issued patches to all phone manufacturers and network carriers.

Three out of the total four patches had been integrated into the latest version of Google Security Bulletin in July. Google says that the last patch will be included in the August Security bulletin. But phone manufacturers also have the option to  patch the flaw earlier on their own, since Qualcomm has already shared the code with them.

Head of mobility product management at Check Point Michael Shaulov said in an interview that at this point in time, no android user is fully secure. And this is due to some kind of issue of who fixes what between Qualcomm and Google.

The only way to keep your data safe and step out of this fiasco is by either installing the Android updates as soon as they are available or by switching to another device that has a definite security app, and preferably which is already patched up. Users should also strictly refrain from installing “side-loading” apps which can be involved in malicious activities on your phone. You can download the Google Store App called QuadRooter Scanner posted by CheckPoint here, although the efficiency and the application of this app is still in doubt.

Are you concerned about the security of your android device? Share your feelings in the comments below!

Exit mobile version