Four threats, identified recently, are showing the intensity to affect over 900 million users, using Android devices. A research team working on Check Point, recently publicized this observation.
These threats were given a collective title “QuadRooter” by the research team members. To their observation, these vulnerabilities can affect those Android devices that use QUALCOMM chipsets. Usually, these chipsets are found in the software drivers for the chipsets. Drivers that monitor the communications between the components of the chipsets are used by the developers in the devices and it comes pre-installed. The only way to shoot this QuadRooter trouble is to install a patch, either from the carrier or the distributor.
Any of these QuadRooter 4 vulnerabilities will enable the intruders to stimulate a privilege escalation and consequently achieve the access to the devices they target. Intruders can even exploit these vulnerabilities, adopting malicious apps that can function without the special permission. Hence, the detection of the presence of these QuadRooter vulnerability turns almost impossible.
How to fix the Qualcomm vulnerabilities?
Qualcomm has already produced the fixes to the vulnerabilities under discussion. Patches developed by this company has already been posted at CODEAURORA. Consequently, the company is working proactively with the security researchers and the internal parties in identifying and offering a solution to the potential security threats. However, users should not afford to take the security of their devices casually. Even the company officials revealed their concern on the probable time frame that the Smartphone manufacturers, as well as the carriers, might take for distributing the updates on the latest drivers. In the opinion of the experts, this is a major threat to the ecosystem of the Android devices.
Devices that stands the maximum threats from these security threats
As per checkpoint, about 65% of the market for LTE Modem baseband is the soft target for Qualcomm. It includes a few of the most in-demand Android devices, using the chipsets. Following are the devices that stand the maximum security threats:
- Google Nexus 5X, 6 and 6P
- Samsung Galaxy S7 and S7 Edge
- HTC One, M9 and 10
- Motorola X
- BlackBerry Priv
- OnePlus One, 2 and 3
- Sony Xperia Z Ultra
- LG G4, G5, and V10
Security concerns associated with Qualcomm
In a span of a few months in the past, various security threats in Qualcomm chipsets have come up with the observations. It was in March, it was reported that these threats are preying on the Android devices, powered by Snapdragon. As per the report, these threats can even access the targeted devices by running malicious applications. Later in May, security researchers reported a threat the can enable the hackers to achieve code execution within the execution ecosystem of Qualcomm.
How to combat the threats?
- Users should install solutions that can detect and mitigate the threats if any.
- Users need to install the latest update on Android, as soon such updates come up.
- Before accepting the request for app installations, users should check whether if it is a legitimate request.
- Users should never download apps from sources other than Google Play.