Two critical vulnerabilities that formed part of the QuadRooter set of vulnerabilities in Qualcomm’s driver software have been patched by Google.
The two vulnerabilities would have made it possible for malware to seize root access to the Android operating system. The only known fix for this was wiping the phone’s storage and reinstalling Android.
News of the vulnerability was made public by Check Point Software Technologies in August. The firm stated at the time that as many as 900 million Android devices had the QuadRooter vulnerability including new, and largely popular smart phones such as the Samsung Galaxy S7 and S7 Edge, LG’s G5 and the Blackberry Priv.
To Google’s credit the patch of these vulnerabilities has arrived exactly when they promised. As we previously reported as many as three of the four vulnerabilities were patched in August, the final patches weren’t ready at the time but the search giant promised the patch would be delivered this month.
Waiting for the update
Google has begun disseminating the update to Nexus handsets already as part of an over-the-air update. Meanwhile, Blackberry has already patched all of the vulnerabilities for its Priv handset according to ZDNet.
As for the rest of us, well we’re just going to have to wait for our manufacturers to push the update to us over the air.
Thankfully this happens a few days after Google releases its patch into the wild so make sure you have an internet connection with a few spare MBs of data to download the patch.
As a matter of interest if you aren’t sure whether your handset is vulnerable you can use Check Point’s QuadRooter Scanner to find out if your handset needs the patch.
[Via – ZDNet] [Image – CC BY 2.0 Uncalno Tekno]