'QuadRooter' vulnerability affects 900 million Android devices -- the sky is falling!
As a Linux desktop user, you'd think I'd be a big Android proponent. Actually, I rather detest Google's mobile operating system lately. Other than Nexus devices, most Android devices fail to get regular updates, leaving users exposed to vulnerabilities. That is unacceptable! It is why I own an iPhone now, but I digress.
Sadly, yet another set of vulnerabilities have been discovered for Android. Dubbed 'QuadRooter', all Qualcomm devices are affected. In other words, this is really, really, bad, folks. You see, 900 million phones and tablets are impacted, and most of them will probably never be patched. The Android sky is falling!
"QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65 percent share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device", says the Check Point Mobile Research Team.
The team further says, "QuadRooter vulnerabilities are found in software drivers that ship with Qualcomm chipsets. Any Android device built using these chipsets is at risk. The drivers, which control communication between chipset components, become incorporated into Android builds manufacturers develop for their devices. Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm".
The company shares the below list of just some of the affected devices. Keep in mind, there are far more devices that are impacted.
- BlackBerry Priv
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
If you are using an Android device that uses a Qualcomm chipset, what should you do? Sadly, there is nothing you really can do -- other than wait and pray, that is. If you have a newer device, you might be issued a patch, but most likely, your phone or tablet will remain vulnerable forever. Scary.
Will these Android security dead-ends drive you to iOS or Windows 10 Mobile? Tell me in the comments.
[Update] Check Point Software releases 'QuadRooter Scanner' Android app -- a simple way to see if your device is impacted. You can learn more here.