The QuadRooter vulnerability which affects Android devices running Qualcomm powered chipsets has managed to get some serious attention. While Google has said the vulnerability was known, and that its Verified apps feature will ensure no malicious app can take advantage of the same, smartphone manufacturers have so far been silent on the issue. But Sony has come out, and said it will issue software updates for devices which are affected by the same.
Sony issued a statement on their Xperia blog, which says, “Sony Mobile takes the security and privacy of customer data very seriously. We are aware of the ‘Quadrooter’ vulnerability and are working to make the security patches available within normal and regular software maintenance, both directly to open-market devices and via our carrier partners, so timings can vary by region and/or operator.”
Sony says consumers should continuously update their phone software for better performance and security.
Google had said Android phones running the latest security patch are already protected against three of the security flaws pointed out. On the fourth security flaw, Google said it will fix the flaw in the next security update for Android, which will be issued soon.
The apps verification feature on Google is enabled by default and ensures that downloads from outside the Google Play Store are scanned for malware before and after you install them on your device. This is important because in case of the QuadRooter security flaw, it is malicious apps which can exploit the same to take root control of the smartphone.
The QuadRooter security issue was revealed security firm Check Point Software Technologies at the annual security conference DEF CON 24 in Las Vegas, Nevada. The flaw which affects all Qualcomm chipsets has four vulnerabilities that can be exploited by an attacker using a malicious app, which then gives them privilege access to the device. According to Check Point, the vulnerability affects over 900 million Android devices, which are powered by Qualcomm’s chipsets.