# Is Yours, Possibly, 1 of 9 Million That May Be Vunerable to QuadRooter?



## 95Viper (Aug 9, 2016)

QuadRooter: New Android Vulnerabilities in Over 900 Million Devices by Adam Donenfeld, Check Point Mobile Research Team posted 2016/08/07 



> *What is QuadRooter?*
> QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.
> 
> Some of the latest and most popular Android devices found on the market today use these chipsets, including:
> ...



Read complete article at the link at top of post.


----------



## burebista (Aug 9, 2016)

Yep, mine it is. Do I care? Guess not.


----------



## blobster21 (Aug 9, 2016)

burebista said:


> Yep, mine it is. Do I care? Guess not.
> 
> View attachment 77717



Same vulnerabilites ! LG G2 with android 5.0.2


----------



## R-T-B (Aug 11, 2016)

This is what I wrote my application for editor article about, lol.

You'd have to be dumb enough to install a sketchy app to get infected.  No, the app won't tell you via permission requests that it is sketchy, but you should still be able to tell if you know what you are looking for.  Practice good app hygiene, people.

Heck, here is my article.  Review it for shits and giggles:


*Quadrooter:  It’s not quite the new StageFright, but it’s close.*

Defcon has come and gone and again it has left the Android Security world in a state of confusion.  During the conference which focuses on security vulnerabilities, a vulnerability known as “Quadrooter” was revealed.  Like the StageFright security scare of 2015, Quadrooter is a privilege escalation bug allowing an attacker to gain complete “root” level access to a user’s cell phone.  However scary that may sound, that is where the similarities end.

Unlike StageFright, which was part of the Android operating system, Quadrooter is part of Qualcomm’s Snapdragon chipset driver.  This means it is not actually a flaw in android but a flaw in the driver for an external chipset.  Does that matter to the end user?  Probably not.  Why?  Because nearly 65% of all Android devices (and arguably even more in recent releases) actually have a Qualcomm chipset, and thus are affected by this bug.

That said, there is still some hope in the fact that unlike StageFright, a user has to actually install a malicious app to become a victim of Quadrooter.  If you only install from Google Play, that means you are much more likely to be protected, provided Google’s policing is up to the job.


----------



## Recon-UK (Aug 11, 2016)

I run Nokia with Windows Phone OS.. i use my phone as a phone so i don't care.


----------



## R-T-B (Aug 11, 2016)

Recon-UK said:


> I run Nokia with Windows Phone OS.. i use my phone as a phone so i don't care.



You aren't affected, but honestly, if you're phone was affected and consequently infected you would care when it started being used as a spam relay and the cops showed up.


----------



## Recon-UK (Aug 11, 2016)

R-T-B said:


> You aren't affected, but honestly, if you're phone was affected and consequently infected you would care when it started being used as a spam relay and the cops showed up.



Maybe but i will forget in like 10 minutes.


----------



## Komshija (Aug 17, 2016)

Mediatek here, Lenovo device. Personal and security reasons.


----------



## RejZoR (Aug 18, 2016)

My Huawei Ascend P7 with Android 5.1.1 (update B852) is not affected. Hooray


----------



## animal007uk (Aug 18, 2016)

Don't have or want a phone or tab or anything like that so not effected by this


----------



## hat (Aug 23, 2016)

The easier we make our lives with technology, the easier we make it for would-be crooks to fuck us up. It's probably best to keep as much sensitive data as possible off your phone, which is likely the least secure device you have.


----------



## Nobody99 (Aug 23, 2016)

Mediatek: Go cheap & go secure.

Such a pleasure when costlier option fails.


----------

