A new vulnerability that threatens millions of Android devices with Qualcomm

Hexamob | Alberto Mulas 05/6/2016

A new Android vulnerability was announced and it attacks in particular to devices that use a Qualcomm chipset. This is therefore a very high quantity of devices, given that the SoC of the Californian manufacturer is among the most used in the Android market.

The vulnerability in question was introduced with some new API that regulate the functions of tethering, in particular those related to the xinetd daemon, and allows any attacker to access the database of the SMS and the list of dialed calls. As happens on these occasions, first to disclose the vulnerabilities Qualcomm has already released a patch that closes the security hole and warned all its customers nearly two months ago. Even Google has taken steps to correct the code of Android with the latest security patches so by shielding Nexus devices and those manufacturers who have already deployed the latest updates.

Anyway, several million devices remain in circulation, smartphones and tablets, which could still be vulnerable to the chronic lack of updates, a problem that plagues most of the medium low-end devices. Usually, in fact the companies promptly update their top of the range with the forgetting of the cheaper devices that, in most cases, comprise the largest percentage of sales.

A new vulnerability that threatens millions of Android devices with Qualcomm 1

So the problem is that, once again, most of the owners of an Android device with a flawed version of the operating system will likely never receive the update. The distribution of the update is in fact run by each hardware manufacturer and is consolidated practice unfortunately, now for many companies, not release updates for older devices or for those of medium-low.

On devices that do not receive updates, the advice is always to consider installing a version of Android supported by the community of developers and not managed directly by the manufacturer. The CyanogenMod “ROM” is the most famous custom (and this way you can get the latest version of firmware and speed up your smartphone with the best tools).

A new vulnerability that threatens millions of Android devices with Qualcomm