Google: Android protects against three of four QuadRooter flaws

Verify Apps feature nullifies QuadRooter in Android Jelly Bean and above

Android should already be able to block three of four QuadRooter attacks automatically, according to Google.

QuadRooter is the latest vulnerability to be found to affect the operating system, with security research firm Check Point uncovering four flaws this week that give hackers root-level access to Android devices.

However, the researchers could not find any existing exploits taking advantage of QuadRooter and Google has now said Android already protects against most of the flaws.

Its Verify Apps feature, enabled by default in all Android versions since Jelly Bean 4.2, can recognise malicious apps using QuadRooter, and block them.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

A Google spokesperson told Android Central: "We appreciate Check Point's research as it helps improve the safety of the broader mobile ecosystem. Android devices with our most recent security patch level are already protected against three of these four vulnerabilities.

"The fourth vulnerability, CVE-2016-5340, will be addressed in an upcoming Android security bulletin, though Android partners can take action sooner by referencing the public patch Qualcomm has provided.

"Exploitation of these issues depends on users also downloading and installing a malicious application. Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these."

Google's response stresses that users would have to go out of their way to download malicious apps in order for QuadRooter to work, and disable Verify Apps to allow the download to happen.

The only Android devices really at risk are those running anything lower than Android 4.2. Cumulatively, Android versions above 4.2 account for 56 per cent of all mobile operating systems, according to NetMarketShare.

08/08/2016: 900 million Android smartphones at risk of QuadRooter hack

Advertisement - Article continues below

Hundreds of millions of Android smartphones and tablets are at risk from hackers due to a flaw in the Qualcomm chipsets that power them, researchers have found.

QuadRooter, as the issue has been named, is in fact a set of four vulnerabilities that, when exploited, allows an attacker to gain root access to the bug-afflicted device, which means that can change or remove system files and delete or add apps, as well as accessing the device's screen, camera or microphone.

Michael Shaulov, head of mobility product management at cybersecurity firm Check Point, which discovered the issues, said the vulnerabilities are not currently being exploited, but they are soon likely to be.

Speaking to BBC News, Shaulov said: "I'm pretty sure you will see these vulnerabilities being used in the next three to four months. It's always a race as to who finds the bug first, whether it's the good guys or the bad."

Advertisement
Advertisement - Article continues below

Check Point presented their findings at the Def Con security conference in Las Vegas.

Affected devices include:

Advertisement - Article continues below
  • Samsung Galaxy S7 and S7 Edge
  • Sony Xperia Z Ultra
  • Google Nexus 5X, 6 and 6P
  • HTC One M9 and HTC 10
  • LG G4, G5 and V10
  • Motorola Moto X
  • OnePlus One, OnePlus Two and OnePlus Three
  • BlackBerry Priv
  • Blackphone 1 and 2

Only Android devices are affected, meaning iPhones, iPads and Windows Phones and tablets are safe from this bug.

Qualcomm worked with Check Point to mitigate the issue, and patches for all four have since been issued to device manufacturers. However, as the vulnerability can only be fixed by installing a patch delivered by distributors or carriers, Check Point has developed an app, QuadRooter Scanner, that will let users check to see if they have all the relevant patches downloaded and installed.

If they are not fully patched and no update is available to address the issue, users "should call whoever sold them their phone, their operator or the manufacturer, and beg them for patches", Shaulov told BBC News.

Main image credit: Cyberhades on Flickr

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020