A few months ago, Check Point Software Technologies Ltd. made the public aware of the newest security vulnerability, called QuadRooter, for Android enabled phones. Yesterday, Google confirmed that 90 percent of mobile devices running Android are safe from the said flaw.
What is QuadRooter?
QuadRooter is a set of four security vulnerabilities affecting mobile devices built on Qualcomm?s chipsets and running Android. If one of the four vulnerabilities is exploited, the attacker can gain access to the device and practically control each and every aspect of it. The said attacker can listen to the owner?s conversations. It could, inadvertently, deny access to the user. Access personal information like bank details and even control the camera and access all images and videos, to name a few.
Fortunately, this attack can only happen through malicious apps. However, this doesn?t mean that users have complete immunity from QuadRooter.
Immediately after publicising the threat, Google and Qualcomm has issued patches for three of the four vulnerabilities. The fourth to be addressed in the upcoming security patch.
Google also confirmed that the ?Verify Apps? feature available to Android 4.2 and above will protect users against malicious apps. The said feature will detect if an application has the ability to exploit any of the four vulnerabilities listed by QuadRooter. Once detected, Android will then display a notification saying ?Installation has been blocked? without any option for the user to override it.
The ?Verify Apps? security feature is enabled by default on mobile devices using Android 4.2 and up. This constitutes to around 90 percent of the entire Android market. The remaining 10 percent can protect themselves by enabling the feature manually.
How to stay protected
Even though ?Verify Apps? is enabled by default on current Android devices, users are still cautioned as they could still be vulnerable. Users are urged to update their Android devices as soon as security patches become available as a precaution. Also, Google advices the public to be on the look out for any malicious apps and avoid side-loading apps. As well as abstaining from connecting to ?sketchy? WiFi networks.
For more update regarding this security risk, stay tuned to TheBitBag.