DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
August 20, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 55 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

900 million vulnerable Android devices due to bugs in Qualcomm drivers

Posted on Tuesday, August 09 2016 @ 15:42:55 CEST by


Android logo
Over at the DEF CON 24 conference, security researchers revealed four vulnerabilities in Qualcomm's chipset drivers for the Android platform. Qualcomm is the leading designer of LTE chipsets, it has a 65 percent share of the LTE modem baseband market so the vulnerabilities are believed to be present in as many as 900 million smartphones and tablets.

The security researchers named the set of vulnerabilities "QuadRooter", attackers could use them to gain complete control of devices and unrestricted access to the data on them. Qualcomm was informed about the security flaws in April, they issued updates to OEMs but the problem is of course that most Android devices receive few, if any, updates.
What Android devices are at risk?
QuadRooter vulnerabilities are found in software drivers that ship with Qualcomm chipsets. Any Android device built using these chipsets is at risk. The drivers, which control communication between chipset components, become incorporated into Android builds manufacturers develop for their devices.

Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm.

This situation highlights the inherent risks in the Android security model. Critical security updates must pass through the entire supply chain before they can be made available to end users. Once available, the end users must then be sure to install these updates to protect their devices and data.
Full details at CheckPoint.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba