August 8th, 2016, 19:44 PM
'Quadrooter' Bug Puts Android Devices At Risk
Android owners, beware: Security flaws found in Qualcomm processors serving Google's mobile operating system could put your devices at risk.
Researchers at security firm Check Point researchers recently discovered the vulnerabilities, which may affect as many as 900 million devices.
During last week's Def Con security conference in Las Vegas, Check Point's Adam Donenfeld revealed four new privilege escalation exploits—together dubbed "Quadrooter"—which can be used to remotely gain root access to Android handsets. An attacker simply needs to trick a user into installing a malicious app, and the cyberthief gains unfettered access to saved data. The attacker can also change or remove system-level files; delete or add apps; and access the device's screen, camera, or microphone, the security firm said.
Since the vulnerable drivers are pre-installed, they can only be fixed via a patch from distributors or carriers. Those companies, meanwhile, can only push the repair after receiving new driver packs from Qualcomm.
Qualcomm claims to have already fixed all four flaws, and Google said it patched three in an August update; the final debugging will come with the company's next security update, Android Headlines said.
Neither Qualcomm nor Google immediately responded to PCMag's request for comment.
Concerned Android owners can download Check Point's free QuadRooter Scanner app, which, as its name suggests, scans your phone to see if the necessary patches have been downloaded and installed.