Life After QuadRooter: Measuring The Impact

 
Following Check Point’s disclosure of QuadRooter at Black Hat USA on August 7, the free QuadRooter scanner app was downloaded over half a million times. The results of the scans Check Point collected show that almost two thirds of scanned devices were affected. These reports also offer a unique opportunity to analyze a large sample of in-use devices to see how the Android community is affected by and responds to new vulnerabilities. Learn the technical details of QuadRooter: Download our report today. Methodology The scanner app was designed to detect QuadRooter vulnerabilities in different ways. It used code analysis of potential exploit techniques to detect CVE-2016-2504 and ...

The QuadRooter Domino Effect

 
Component suppliers, Android device manufacturers and developers all test their products rigorously. Even still, vulnerabilities -- both in hardware and software -- can be found on the smartphones and tablets we trust with our sensitive data. Until a patch for a vulnerability is installed, an affected device is exposed. That's why fixing vulnerabilities like QuadRooter requires the cooperation of everyone in the Android ecosystem including researchers, suppliers, Google, device manufacturers, and carriers. Suppliers: Check Point mobile researcher Adam Donenfeld informed Qualcomm about four vulnerabilities he discovered in its chipset software drivers between February and April, in ...

QuadRooter: New Android Vulnerabilities in Over 900 Million Devices

 
Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas. What is QuadRooter? QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a ...