Google: Android protects against three of four QuadRooter flaws

Verify Apps feature nullifies QuadRooter in Android Jelly Bean and above

Android should already be able to block three of four QuadRooter attacks automatically, according to Google.

QuadRooter is the latest vulnerability to be found to affect the operating system, with security research firm Check Point uncovering four flaws this week that give hackers root-level access to Android devices.

However, the researchers could not find any existing exploits taking advantage of QuadRooter and Google has now said Android already protects against most of the flaws.

Advertisement - Article continues below

Its Verify Apps feature, enabled by default in all Android versions since Jelly Bean 4.2, can recognise malicious apps using QuadRooter, and block them.

A Google spokesperson told Android Central: "We appreciate Check Point's research as it helps improve the safety of the broader mobile ecosystem. Android devices with our most recent security patch level are already protected against three of these four vulnerabilities.

"The fourth vulnerability, CVE-2016-5340, will be addressed in an upcoming Android security bulletin, though Android partners can take action sooner by referencing the public patch Qualcomm has provided.

"Exploitation of these issues depends on users also downloading and installing a malicious application. Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these."

Google's response stresses that users would have to go out of their way to download malicious apps in order for QuadRooter to work, and disable Verify Apps to allow the download to happen.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The only Android devices really at risk are those running anything lower than Android 4.2. Cumulatively, Android versions above 4.2 account for 56 per cent of all mobile operating systems, according to NetMarketShare.

08/08/2016: 900 million Android smartphones at risk of QuadRooter hack

Hundreds of millions of Android smartphones and tablets are at risk from hackers due to a flaw in the Qualcomm chipsets that power them, researchers have found.

QuadRooter, as the issue has been named, is in fact a set of four vulnerabilities that, when exploited, allows an attacker to gain root access to the bug-afflicted device, which means that can change or remove system files and delete or add apps, as well as accessing the device's screen, camera or microphone.

Michael Shaulov, head of mobility product management at cybersecurity firm Check Point, which discovered the issues, said the vulnerabilities are not currently being exploited, but they are soon likely to be.

Advertisement - Article continues below

Speaking to BBC News, Shaulov said: "I'm pretty sure you will see these vulnerabilities being used in the next three to four months. It's always a race as to who finds the bug first, whether it's the good guys or the bad."

Check Point presented their findings at the Def Con security conference in Las Vegas.

Affected devices include:

  • Samsung Galaxy S7 and S7 Edge
  • Sony Xperia Z Ultra
  • Google Nexus 5X, 6 and 6P
  • HTC One M9 and HTC 10
  • LG G4, G5 and V10
  • Motorola Moto X
  • OnePlus One, OnePlus Two and OnePlus Three
  • BlackBerry Priv
  • Blackphone 1 and 2

Only Android devices are affected, meaning iPhones, iPads and Windows Phones and tablets are safe from this bug.

Qualcomm worked with Check Point to mitigate the issue, and patches for all four have since been issued to device manufacturers. However, as the vulnerability can only be fixed by installing a patch delivered by distributors or carriers, Check Point has developed an app, QuadRooter Scanner, that will let users check to see if they have all the relevant patches downloaded and installed.

If they are not fully patched and no update is available to address the issue, users "should call whoever sold them their phone, their operator or the manufacturer, and beg them for patches", Shaulov told BBC News.

Main image credit: Cyberhades on Flickr

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement
Advertisement

Recommended

Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/server-storage/servers/355254/a-critical-flaw-in-350000-microsoft-exchange-remains-unpatched
servers

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020