Wireless: 900M Android Devices Vulnerable

Monday, August 8, 2016 @ 07:08 PM gHale


Four vulnerabilities affect over 900 million Android smartphones and tablets, researchers said.

QuadRooter is a set of four vulnerabilities affecting Android devices built on the Qualcomm chipset, a supplier of 80 percent of the chipsets in the Android ecosystem, said researchers at Check Point Software Technologies. If any one of the four vulnerabilities ends up exploited, an attacker can trigger privilege escalations and gain root access to a device, enabling them to change or remove system-level files, delete or add apps, and access the device’s screen, camera or microphone.

RELATED STORIES
Linux Kernel Defenses added to Nougat
Android FDE Vulnerability Patched
Google makes 108 Fixes for Android
Android Keyboard App Collects Info

The vulnerabilities are in the software drivers Qualcomm ships with its chipsets. An attacker can exploit these vulnerabilities using a malicious app to trigger privilege escalations and gain root access to a device. This app would require no special permissions to take advantage of the vulnerabilities, which means they would not make users suspicious.

Affected devices include:
• Samsung Galaxy S7 & S7 Edge
• Sony Xperia Z Ultra
• Google Nexus 5X, 6 & 6P
• HTC One M9 & HTC 10
• LG G4, G5 & V10
• Motorola Moto X
• OnePlus One, 2 & 3
• BlackBerry Priv
• Blackphone 1 & 2

Since the vulnerable drivers are pre-installed on devices when they are made, they can only end up fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm.

Check Point released a QuadRooter scanner app that enables Android users to find out if their device is vulnerable, and prompt them to download patches for the problem.

Check Point researchers provided Qualcomm with information about the vulnerabilities in April. The team then allowed 90 days for Qualcomm to produce patches before disclosing the vulnerabilities. Qualcomm reviewed these vulnerabilities, classified each as high risk, and has since released patches to original equipment manufacturers (OEMs).

Check Point recommends the following best practices to help keep Android devices safe from attacks:
• Download and install the latest Android updates as soon as they become available
• Understand the risks of rooting devices – either intentionally or from an attack
• Avoid side-loading Android apps (.APK files) or downloading apps from third-party sources. Instead, download apps only from Google Play
• Read permission requests when installing any apps carefully. Be wary of apps that ask for permissions that seem unusual or unnecessary, or use large amounts of data or battery life
• Use known, trusted Wi-Fi networks or while traveling use only those that you can verify are provided by a trustworthy source