The Quadrooter vulnerability, which was recently revealed by security firm Check Point, is said to have made 900 million Android devices open to hackers through a combination of four security exploits. However, according to Google, Quadrooter is not the massive security threat that is being made out to be.
The reported security issue is said to affect Android-powered smartphones and tablets featuring Qualcomm chipsets, covering high-end and popular devices such as Google's Nexus 5X and Nexus 6P, Samsung's Galaxy S7 and Galaxy S7 edge, the HTC One, the BlackBerry Priv and the OnePlus 3.
Check Point said that the vulnerability is linked to the software that handles graphics, alongside the programming for the communication of the various components of the devices. Through exploiting the issue, hackers could breach through the defenses of an Android smartphone or tablet and gain control over different features.
Google, however, is claiming that the Quadrooter vulnerability should not be a problem. As previously reported, Google is patching up three of the four exploits through its August update for Android, with the fourth exploit to be issued a solution in the September update. These updates will fix the problem for Android users who regularly update their devices, but as widely known, there is a high level of fragmentation among Android devices, with a significant percentage not installing the most recent updates as they roll out.
Google adds that the Quadrooter vulnerability will be additionally mitigated by the Verify Apps feature for Android, which is activated by default on all devices powered by Android Jelly Bean. Before apps are installed, the Verify Apps feature scans them to detect if there are any security threats bundled with the apps, preventing them from launching if it does. Users with pre-Android Jelly Bean devices can opt to activate the feature manually, but with 90 percent of Android devices running Android Jelly Bean or later, it means that most users are protected against Quadrooter.
"The Android malware monster will never die," according to Computer World's JR Raphael, with companies such as Check Point revealing what they claim to be massive security threats and then conveniently sell antivirus software or detectors that solve the said problems. However, these companies often fail to mention that the exploits pose little to no threat at all to Android users in the real world.
Raphael cautions Android users from being ignorant on how big or small of a threat the reported security issues on Android are and should have the knowledge and logic to figure out which exploits are the problematic ones and which ones are not.
That said, it is always the better idea to upgrade to the latest version of the Android operating system, install Android security updates as soon as they roll out and avoid downloading and installing apps from shady sources.