A new set of Security vulnerabilities affecting Android smartphones and tablets that are powered by a Qualcomm chipset have been uncovered. These set of four newly discovered flaws affects over 900 million devices and could let attackers take control of an affected smartphone or tablet.
Dubbed “Quadrooter” the vulnerabilities which are four in numbers was discovered by researchers at US-based Check Point Software Technologies. The Tech company first notified Qualcomm of its chipset vulnerability in April and industry standards allow for a 90-day period for Qualcomm to produce and distribute security patches to fix the vulnerabilities before the vulnerabilities were made public.
The Quadrooter security flaws allows attackers to trick a user into installing a malicious app which ordinarily would require permissions but in this case, no special permissions is required. When this happens, an attacker can gain root access to the Android device’s hardware, including its camera and microphone and the phone’s data.
The list of smartphones affected cuts across brand names and price range, as long as the device is powered by a Qualcomm processor. Even Google’s own branded smartphones, Nexus 5X, Nexus 6 and Nexs 6P are not spared. And even Samsung’s latest Galaxy S7 and S7 Edge flagships are not spared from the security flaws. Quite hilariously, Blackberry’s much hyped “most secure Android smartphone”, the Blackberry DTEK50 is also vulnerable to one of the four flaws.
A Google spokesman has confirmed the existence of the flaws and hinted that a security patch to fix the flaws will be made available in September. But before that happens, Android users can protect themselves from the QuadRooter Qalcomm chipset vulnerability and all potential threats by only downloading apps from the Google Play Store, avoid using unsecured WiFi connections, and avoid the practice of Rooting Android phones, at least for now.
Also, whenever Android updates become available users should ensure they install the updates as soon as possible and running security apps like ZoneAlarm or Mobile Threat Prevention could help as well. Aside that, Android users should ensure they carefully read and consider the permissions apps request when being installed. Unusual requests for battery or data access should be deemed suspicious and investigated or denied.