Check Point finds ‘Quadrooter’ vulnerability affecting over 900M Android devices
August 2016 by Check Point
Check Point has announced four new vulnerabilities affecting over
900 million Android smartphones and tablets at the Def Con 2016 security event in
Las Vegas on Sunday August 7 2016. The vulnerabilities, called QuadRooter, affect
Android devices that are built on the Qualcomm chipset, which supplies 80% of the
chipsets in the Android ecosystem.
The vulnerabilities are found in the software drivers Qualcomm ships with its
chipsets. An attacker can exploit these using a malicious app to trigger privilege
escalations and gain root access to a device. This app would require no special
permissions to take advantage of the vulnerabilities, which means it would not make
users suspicious. This would enable an attacker to take complete control of
devices’ screens, cameras, microphones etc, and access sensitive data on them.
Check Point has made a free scanner app available on Google Play, enabling Android
users to find out if their device is vulnerable and prompt them to download patches
for the problem, available from here:
https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter