Android – the most popular open source operating system, which was affected by some of the vulnerabilities in the past like stage fright, CVE-2015-3842, Google’s full-disk encryption flaw and few other was now affected by a new Vulnerability. Nearly 1 Billion android devices are now in risk with the newly discovered QuadRooter Vulnerability.
What is QuadRooter Vulnerability?
An Israeli cyber security firm named Checkpoint has submitted their findings about the QuadRooter Vulnerability in a session at DEF CON 24 in Las Vegas. According to Checkpoint research team – QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. These vulnerabilities come pre-installed on devices powered by Qualcomm processors. Report says that this Vulnerability has already affected nearly 1 Billion android devices globally.
So if the device is affected by any one of these four vulnerabilities, then the hackers can easily trigger privilege escalations to gain the root access of your device.
Which devices are affected due to QuadRooter Vulnerability?
This Vulnerability is limited to the devices running with Qualcomm chipsets. So, if your device is built with Qualcomm chipset, then your device might be affected. Checkpoint reserach team has already listed out of the devices which got affected due to this Vulnerability.
According to them, following devices are affected with QuadRooter Vulnerability – BlackBerry Priv, Blackphone 1, Blackphone 2, Google Nexus 5X, Nexus 6, Nexus 6P, HTC One, HTC M9, HTC 10, LG G4, LG G5, LG V10, New Moto X by Motorola, OnePlus One, OnePlus 2, OnePlus 3, Samsung Galaxy S7, Samsung S7 Edge and Sony Xperia Z Ultra. This is not the complete list, many devices which are not listed here also affected with this Vulnerability.
How To Check QuadRooter Vulnerability on your Qualcomm chipset based Android device?
Maximum number of the android devices with Qualcomm chipsets are affected due to this Vulnerability. You can check if your device is affected or not.
1. Go to Google Play Store and Download the QuadRooter Scanner, an app developed by Check Point Software Technologies, Ltd.
2. Open the app, Tap to scan your device, it will take a few seconds to scan your device for the Vulnerability.
3. Once the scan is completed, it will list out the Vulnerabilites if any, else you’re safe.
List of QuadRooter Vulnerabilities:
How to fix QuadRooter Vulnerability:
As the vulnerabilities come pre-installed on devices powered by Qualcomm processors, only the software patch from the manufacturer can solve the issue. As per Qualcomm, patches for these vulnerabilities has already been sent to their customers and partners between April and July.
Out of 4 vulnerabilities, Google has already released the security update for 3 vulnerabilities [CVE-2016-2059,CVE-2016-2504,CVE-2016-2503]. The security patch for the rest one vulnerability [CVE-2016-5340] will be rolled out in the upcoming security patch update, according to Google. In the meanwhile, the mobile phone manufacturers can obtain the fix directly from Qualcomm and roll out an update their devices.
So, the end users need to wait for the security update from manufacturers. Till then make sure you do not install or side load untrusted APK files on your phone. This might cause major issues on your device and allow hackers to take control of your device. Keep checking for the software updates on your device and update it ASAP once got it.