Google: Android protects against three of four QuadRooter flaws

Verify Apps feature nullifies QuadRooter in Android Jelly Bean and above

Android should already be able to block three of four QuadRooter attacks automatically, according to Google.

QuadRooter is the latest vulnerability to be found to affect the operating system, with security research firm Check Point uncovering four flaws this week that give hackers root-level access to Android devices.

However, the researchers could not find any existing exploits taking advantage of QuadRooter and Google has now said Android already protects against most of the flaws.

Its Verify Apps feature, enabled by default in all Android versions since Jelly Bean 4.2, can recognise malicious apps using QuadRooter, and block them.

A Google spokesperson told Android Central: "We appreciate Check Point's research as it helps improve the safety of the broader mobile ecosystem. Android devices with our most recent security patch level are already protected against three of these four vulnerabilities.

"The fourth vulnerability, CVE-2016-5340, will be addressed in an upcoming Android security bulletin, though Android partners can take action sooner by referencing the public patch Qualcomm has provided.

"Exploitation of these issues depends on users also downloading and installing a malicious application. Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these."

Google's response stresses that users would have to go out of their way to download malicious apps in order for QuadRooter to work, and disable Verify Apps to allow the download to happen.

The only Android devices really at risk are those running anything lower than Android 4.2. Cumulatively, Android versions above 4.2 account for 56 per cent of all mobile operating systems, according to NetMarketShare.

08/08/2016: 900 million Android smartphones at risk of QuadRooter hack

Hundreds of millions of Android smartphones and tablets are at risk from hackers due to a flaw in the Qualcomm chipsets that power them, researchers have found.

QuadRooter, as the issue has been named, is in fact a set of four vulnerabilities that, when exploited, allows an attacker to gain root access to the bug-afflicted device, which means that can change or remove system files and delete or add apps, as well as accessing the device's screen, camera or microphone.

Michael Shaulov, head of mobility product management at cybersecurity firm Check Point, which discovered the issues, said the vulnerabilities are not currently being exploited, but they are soon likely to be.

Speaking to BBC News, Shaulov said: "I'm pretty sure you will see these vulnerabilities being used in the next three to four months. It's always a race as to who finds the bug first, whether it's the good guys or the bad."

Check Point presented their findings at the Def Con security conference in Las Vegas.

Affected devices include:

  • Samsung Galaxy S7 and S7 Edge
  • Sony Xperia Z Ultra
  • Google Nexus 5X, 6 and 6P
  • HTC One M9 and HTC 10
  • LG G4, G5 and V10
  • Motorola Moto X
  • OnePlus One, OnePlus Two and OnePlus Three
  • BlackBerry Priv
  • Blackphone 1 and 2

Only Android devices are affected, meaning iPhones, iPads and Windows Phones and tablets are safe from this bug.

Qualcomm worked with Check Point to mitigate the issue, and patches for all four have since been issued to device manufacturers. However, as the vulnerability can only be fixed by installing a patch delivered by distributors or carriers, Check Point has developed an app, QuadRooter Scanner, that will let users check to see if they have all the relevant patches downloaded and installed.

If they are not fully patched and no update is available to address the issue, users "should call whoever sold them their phone, their operator or the manufacturer, and beg them for patches", Shaulov told BBC News.

Main image credit: Cyberhades on Flickr

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
Qualcomm modem flaw puts millions of Android users at risk
Google Android

Qualcomm modem flaw puts millions of Android users at risk

6 May 2021