These types of news stories are starting to become a regular feature. In short, someone finds a vulnerability in the Android Operating System which happens to affect every single phone – IN THEORY! No different to all the vulnerabilities that could destroy Microsoft Windows OS! Anyhow, this time, the issue lies with the software running chipsets made by Qualcomm. The big issue is that Qualcomm supply about 900 million Android phones worldwide. In reality, the vulnerability will only be exploited on devices which are unpatched and downloading applications from untrusted sources. The flaws were found in software that handles graphics and in code that controls communication between different processes running on a phone.
“I’m pretty sure you will see these vulnerabilities being used in the next three to four months,” said Michael Shaulov, head of mobility product management at Checkpoint.
“It’s always a race as to who finds the bug first, whether it’s the good guys or the bad.”
Affected devices included:
- BlackBerry Priv and Dtek50
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- US versions of the Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
To check to see if your device is vulnerable, Checkpoint (the ones who found the vulnerabilities) have released an application called QuadRooter Scanner and check for these vulnerabilities. Keep an eye out for all the latest security updates on your phones.