ISSUE 90 / 2016
TECHNOLOGY
The system flaws were found in software
running on chip sets built by the US firm
Qualcomm. The chips handle graphics and
the code that controls the communication
between processes that run on phones.
Check Point say that these vulnerabilities
can easily be exploited by hackers through
malicious apps that wouldn't need any
permissions from us. The exploitative
apps could slowly give the attackers more
and more control over devices infected,
eventually leading to 100% access to the
phone and all its data.
Qualcomm are the world's leading chip
set designer who's products can be found
in 900 million Android devices including
HTC, Samgsung, LG and Nexus models.
Check Point say that so far there is no sign
that these issues have been exploited by
attackers.
"I'm pretty sure you will see these
vulnerabilities being used in the next three
to four months" said the head of mobility
product management at Check Point when
speaking to the BBC adding, "It's always a
race as to who finds the bug first, whether
it's the the good guys or the bad".
The problematic chip sets and drivers are
pre-installed at the point of manufacturing;
but can be fixed. All users need to do is
install a patch that solves the issues - but
these can only be giving through the
distributors of the phones - and they can
only do that once they receive it from
Qualcomm.
It's reported that Qualcomm has built the
patches for the bugs and released them to
the phone makers / operators, but it's not
known what companies have issued the
updates. Check Point advises that users
download and install the latest updates as
soon as available, and if still in doubt can
download their QuadRooter Scanner that
will let you know if your device has the
patches.
Research from the compnay Check Point has uncovered 4 vulnerabilities in Android devices that could give full access to
user's devices.
16
VULNERABILTIY FOUND IN ANDROID PHONES