Aug 10 2016

Google Downplays Threat to Android from QuadRooter Vulnerability

A recently disclosed security vulnerability in Android is not nearly as dangerous as it first appeared to be.

Google says that a recently disclosed vulnerability in Android devices, known as QuadRooter, is not as dangerous as first thought. According to Google, a feature built into the Android operating system itself protects 90 percent of the potentially exposed devices from the vulnerability.

According to ZDNet, researchers at security firm Check Point disclosed "four previously undisclosed security vulnerabilities found in Android phones and tablets that ship with Qualcomm chips could let a hacker take full control of an affected device." The vulnerability was said to affect more than 900 million devices. 

ZDNet reports: "An attacker would have to trick a user into installing a malicious app, which unlike some malware wouldn't require any special permissions. (Most Android phones don't allow the installation of third-party apps outside of the Google Play app store, but attackers have slipped malicious apps through the security cracks before.)"

If the flaws were exploited, an attacker could "gain root access, which gives the attacker full access to an affected Android device, its data, and its hardware — including its camera and microphone."

While that sounds alarming, Google says it anticipated a threat like this years ago and for that reason built a feature known as Verify Apps into Android 4.2, which was released nearly four years ago, Information Week notes.

A Google spokesperson told Android Central:

"We appreciate Check Point's research as it helps improve the safety of the broader mobile ecosystem. Android devices with our most recent security patch level are already protected against three of these four vulnerabilities. The fourth vulnerability, CVE-2016-5340, will be addressed in an upcoming Android security bulletin, though Android partners can take action sooner by referencing the public patch Qualcomm has provided. Exploitation of these issues depends on users also downloading and installing a malicious application. Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these." 

So, according to Android Central, "of the oft-quoted '900 million' vulnerable devices, 90 percent should automatically block any app using QuadRooter. And the remaining 10 percent can be protected if they enable this security feature manually."