A new report from security firm “Check Point” points at four serious flaws also known as Quadrooter flaws in Android devices with Snapdragon chipset which could potentially let a hacker take full control of a user’s affected mobile device.
The four flaws were explained in detail by Adam Donenfeld, the firm’s lead mobile security researcher who says that nearly a billion Android devices are affected by the Quadrooter vulnerability. The latest devices like Google’s Nexus 5X, Nexus 6, and Nexus 6P, HTC’s One M9 and HTC 10, and Samsung’s Galaxy S7 and S7 Edge are some of those named vulnerable to one or more of the flaws which can be exploited. Blackberry DTEK50, the so called “most secure Android device” is also said to be affected by the Quadrooter vulnerability.
An attacker would have to trick a user into installing a malicious app, which wouldn’t require any special permissions and once installed an attacker can gain root access, which gives the full access to the Android device, its data, and its hardware including the camera and microphone.
Qualcomm has confirmed that the flaws have been fixed and the patches have been sent to manufacturers, customers and partners between April and July. These patches have been part of the security updates that Google rolls out to Nexus devices followed by other manufacturers and partners to other devices. Three out of the four flaws have been fixed in the latest monthly update but the last vulnerability is still at large because of the delayed final patch though Google has confirmed that it will be fixed in September update.
Meanwhile if you are wondering about your device being affected, you can check it using the Quadroot scanner software which is available in the Play store.