Quadrooter, new vulnerability threatens 900 million Android smartphones
On Android devices with Qualcomm chips, Google discovered vulnerabilities that can perform any type of remote code, with the possibility of jeopardizing security and user data. Realize the benefits conferred by root permissions, making it difficult, if not impossible, from manual removal.
Four new vulnerabilities have been identified on Android smartphones and tablets that use Qualcomm chips. The malware in question might allow an attacker to take control of the devices. Renamed “Quadrooter”, the vulnerabilities threatens 900 million devices according to what was stated by Check Point researchers, specialists in cybersecurity. The good news, then, is that Qualcomm has classified as “high risk” the four vulnerabilities, all of which go under the name of Quadrooter, and developed the corrective software.
A Qualcomm spokeswoman said that the company has already identified and solved the problem by distributing patches to customers and the open source community between April and late July. Specific fixes have already been integrated into Google releases security patches for devices with the Nexus brand. It is hoped that other manufacturers provide for the issuing of similar patches. As said, Quadrooter consists of four vulnerabilities, rather diversified between them. The first affects the PIC router module, responsible for the communication between different components of Qualcomm.
As always the main problem for Google is the fragmentation of the ecosystem, in other words the numbers relating to the distribution of the various versions of Android on board take numerous devices equipped with the operating system of the green robot. Not all manufacturers update the devices and most of them are born and death with the operating system with which it was released, making it impossible to fix any security issues.
One of the reasons why, in the year of 2016, we are still forced to witness the discovery of so many dangerous vulnerabilities, according to Check Point Software, to be found in the fragmentation of Android. The fact is that it comes in so many versions, often very different, making it difficult to analyze them to discover problems, and update them with the related corrective software is a bit hard.