A new flaw in Android devices having Qualcomm chipset has been detected which is argued to affected over 900 million android devices. A mobile research team, ‘Check Point’ has reported the issue initially claiming that the vulnerability is affecting all the devices which are having Qualcomm chipset in it.
The security firm, Check Point said that, it is a set of four vulnerabilities, termed as Dubbed ‘QuadRooter’ which is affecting Android devices having Qualcomm chipsets. Hackers can probably infect the victim’s Android Mobile Phone with a malware. And if this malware gets installed on any of the four vulnerabilities, then it would get a privilege escalation which will results in gaining root access to the devices. More on this, the team also claimed that the software drivers which come with Qualcomm SoCs are prone to QuadRooter vulnerabilities.
How Hackers Can Enter your Device?
The newly detected QuadRooter vulnerabilities affect these four modules on Android system-
- IPC Router (Inter-process Communication)
- Kgsl (Kernel Graphics Support Layer)
- Kgsl_sync (Kernel Graphics Support Layer Sync)
- Ashmen (Android Kernel Anonymous Shared Memory Feature)
A malicious app could exploit any of these four vulnerabilities without any special permission to get access on these vulnerabilities. And hence the user will never notice the installation or exploitation of these vulnerabilities. The Qualcomm powered Android devices are pre-installed with these vulnerabilities. The only possible way to get a fix on these vulnerabilities is to install a software patch from the carrier.
The security updates and patches which will fix these vulnerabilities will be made available as soon as possible. The only issue concerned with such patches is that the process of making such security updates is a time and resource consuming process. Which mean that until these patches are been coded, tested and dispersed, the users are at risk to these vulnerabilities.
Safety measures for your Smartphone
To keep your Qualcomm powered smartphone away from such attacks, it is recommended to download and install the latest Android updates. Also examine the app permission requests before installing any app. Make sure all the apps are genuine and downloaded from Google play store.
The Check Point firm has an app on Google Play Store named as ‘QuadRooter Scanner’ which is a free app that confirms whether or not any of these four vulnerabilities exists on your smartphone.
Around 65% of LTE chipsets present in worldwide market is owned by Qualcomm itself. These said vulnerabilities are anticipated to affect around 900mn Android smartphone devices. The major companies manufacturing their smartphones on Qualcomm processor includes HTC, LG, Samsung, Blackberry and Motorola to name a few. Not to forget the recently launched Blackberry DTEK50 which was termed as ‘Super Secure Android Smartphone’ comes with Qualcomm processor.
