Check if your phone is at risk from QuadRooter vulnerability

“We found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems”, said Adam Donenfield, the mobile security researcher who led the team that identified the flaws, at Sunday’s Def Con security conference in Nevada.

Check Point is making available a free Quadrooter scanner app that scans users’ Android phones to see if the necessary patches have been downloaded and installed. Included are the Google Nexus 5X and 6, the new Moto X, The OnePlus One, 2 and 3, the Samsung Galaxy S7 and S7 Edge, The Sony Xperia U Ultra, the LG G5 and G5, and various other devices. Even the Blackberry Priv and the new DTEK50, which the company boasts to be world’s most secure Android phones are also vulnerable to one of the exploits. The QuadRooter Vulnerability is a set of four vulnerabilities, hence the name QuadRooter, and patches for three of them have already been released along with the Google security updates. Exploiting the bugs would allow an attacker to gradually be able to take more and more control over the device and gain access to data.

“Following recent security issues discovered in Android, Google made a number of changes to tighten security across its fragmented landscape”.

According to CheckPoiunt, the vulnerabilities could leave users’ devices rooted, and open to remote access.

Qualcomm responded pointing out that it had fixed all the flaws and issued patches to all the phone manufacturers and Network carriers between April to the end of July.

However, there is no evidence of the vulnerabilities now being used in attacks by cyberthieves.

The problem appears to affect phones which run on Qualcomm processors, which the blog estimates to be around 900 million devices.

The users who are anxious about their phones can download the application from the Google Play Store called Quadrooter Scanner. Google, which maintains the Android code base, sends patches to Nexus users as soon as the fixes are released each month.

Now, if people are keen on installing apps from unknown sources or sites then they have to be prepared for the consequences.