90% of Android devices are safe from QuadRooter exploits thanks to Google's Verify Apps


Recently, it's been discovered that nearly 1 billion Android devices could be affected by a new set of security vulnerabilities gathered under the name QuadRooter. The vulnerabilities can potentially put at risk pretty much any Qualcomm Snapdragon-based Android device, but only if a user installs certain malicious apps.

A security patch to fully address this won't be out before September, but, fortunately, folks installing only apps from Google Play can not be affected by QuadRooter vulnerabilities anyway. Google's very own Verify Apps feature, which "regularly checks activity on your device and prevents or warns you about potential harm", will protect you against any malicious app that may be related to QuadRooter.

Since Verify Apps is enabled by default on devices running Android 4.2 or later and featuring Google Play services, it safeguards about 90% of all Android devices currently in use. If you do try to install content from unknown sources, Verify Apps will block the installation if it detects something suspicious. According to Android Central, Google confirmed that its protection features will "identify, block, and remove applications that exploit vulnerabilities" like QuadRooter. To make your device exposed to QuadRooter, you'd have to manually disable Verify Apps - but that's not advisable in any scenario. 

via: Android Central

FEATURED VIDEO

49 Comments

1. Mxyzptlk unregistered

But that still leaves 10% exposed, which is too high of a number on the Android front of

3. Scott93274

Posts: 6040; Member since: Aug 06, 2013

I think that more than 10% of the iOS platform is vulnerable thanks to Apple leaving their kernel unencrypted in their beta release.

4. Podrick

Posts: 1285; Member since: Aug 19, 2015

Mxy's happiness lasted less than a day.

5. Scott93274

Posts: 6040; Member since: Aug 06, 2013

OOOOHHH!!!! Android has a vulnerability!!!! SHUN!!!! .... Oh wait, Google fixed it years ago without anyone even realizing it.... awkward.

14. ibend

Posts: 6747; Member since: Sep 30, 2014

no worries, last year iOS and OSX get first place in this listhttp://www.gfi.com/blog/2015s-mvps-the-most-vulnerable-players/

19. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

Only if you were on an unpatched iOS. If you look at the list, they were ALL fixed, at a pace that Google could only hope for. So while there were entries, people were updated faster than we could say 'oooh look apple took first'.....

22. Scott93274

Posts: 6040; Member since: Aug 06, 2013

Sadly, that's not always the case. In my example below, Apple clearly did not take a warning about a system vulnerability seriously as they sat around twiddling their thumbs for 6 months, and we all know the hell that caused them. http://www.dailydot.com/debug/apple-icloud-brute-force-attack-march/

28. Mxyzptlk unregistered

And yet it's here again. Just like before, Android fans sweep the sh** under the rug while anything iOS does is bad.

31. Scott93274

Posts: 6040; Member since: Aug 06, 2013

LOL, dude, I think it's safe to say that everyone here with an Android device is not impacted by this issue, so to hear someone cry about a vulnerability that impacts phones that're SEVERAL years old and in no way affects anyone here, you can't blame enthusiasts for thinking you're a nagging idiot.

7. NoToFanboys

Posts: 3231; Member since: Oct 03, 2015

He's secretly obsessed with Android, you know that. I don't know how far did they shove that Galaxy phone in his arse.

17. tedkord

Posts: 17452; Member since: Jun 17, 2009

It's a deep seated jealousy which, as so often happens, gets translated to hatred.

36. Mxyzptlk unregistered

Wrong, as usual.

26. Mxyzptlk unregistered

Just like the Android fans are obsessed with iOS, right?

34. NoToFanboys

Posts: 3231; Member since: Oct 03, 2015

I couldn't care less about blind Apple hating Android fanboys, so I would agree with you. Thank you for confirming you're obsessed with Android.

37. Mxyzptlk unregistered

I'm obsessed with technology, not Android.

10. meanestgenius

Posts: 22388; Member since: May 28, 2014

Exactly! Lmao! You can feel burn jumping off of him.

25. Mxyzptlk unregistered

You're still bumburned.

29. meanestgenius

Posts: 22388; Member since: May 28, 2014

Stop projecting. You're the only bumburned one here. Here, have some aloe and a cool, damp cloth for the pain.

38. Mxyzptlk unregistered

You seem to know an awful lot about aloe and a damp cloth. Methinks you have first hand experience with aloe and a cool damp cloth.

41. meanestgenius

Posts: 22388; Member since: May 28, 2014

I know a lot about it because I keep having to offer it to you after I thoroughly demolish you verbally in the comments section.

46. Mxyzptlk unregistered

Verbally demolish? I think you mistake me for what girls say to you every day.

47. meanestgenius

Posts: 22388; Member since: May 28, 2014

Yes, it's true. Girls do say that I "demolish" them every day when they're "with" me. ;) How'd you know? I must really be that much of a legend.

6. Gustavoar

Posts: 22; Member since: Jan 13, 2016

Well, the number can get to lower than 1%, but in devices from 2.3 to 4.1 you have to enable the protection in the settings of Google Configuration app manually if you haven't already done it in the past.

9. RebelwithoutaClue unregistered

Smartphones that use a version before JellyBean, usually older handsets that don't install apps anyway but are used as feature phones. Not to mention install third party apps is still off by default. In the end... not worth the mention. 10% is about the same amount of Apple devices running iOS 8 or lower which has a number of security bugs still too.

13. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

Really? Sill lower than the 100% if iPhone 4 users and iPad 2 users who have hardware that is always easy to jailbreak no matter what version of iOS is installed because the exploit takes advantage of a hardware flaw in the CPU. It's the same crap. How many IOS users have an iPhone 4. I still have one, though I don't use it for anything other than playing music for the kid. But I can jailbreak it from now until eternity as long a sit powers on. You try to act like what you use isn't flawed. Here is the difference. Because android and Windows have lots of users, security has to take a front seat to all. Unlike with iOS, because of less users in general, security was always a 2nd seat back. Even though apple has certainly gotten better, iOS is still able to be cracked. Which means its flawed. No software is ever going to be 100% fool-proofed. But when its a platform you don't even use, here you come like flies to crap. Just like you try to claim about everyone else. You should stop calling the kettle black, when you kettle is toast.

16. BobbyDigital

Posts: 2125; Member since: May 29, 2014

Awww... Don't be sad Michelle. Be very sad!! Lmao!! Your happiness lasted less than a day. Sucks to be you.

18. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

What made the whole thing stupid is this. The article yesterday, stated as a fact; that the flaw in question was Qualcomm SnapDragon SoC. Now even though Android phones and tablets do use the biggest majority of Qualcomm's SoC's, they are used by Microsoft, Blackberry and other OEM's. The flaw can only be taken advantage of if you sideload apps from unknown sources. So dos this not mean as a matter of fact, since you can sideload apps on Windows Phone, you can sideload apps on Blackberry devices, and the fact you can sideload on Android; does that not mean that they are all 100% equally vulnerable, because the exploit is at the hardware level? The write of the article is a jerk, and amonsgst other things, he bated the article. Any FOOL like these ignorant fanboys who read articles for buzzwords should have seen right through it. Its a SoC vulnerability which means any phone that uses said SoC is exploitable. But they didn't even see that. All that saw is because Android phones are the biggest users, that only Android users are at harms way. This is CLASSIC ignorant and stupidity on people who claim to be tech fans. When I first read the article, I was like this doesn't effect me, because the Note 5 only uses Exynos. But the first thing I though of were users of any galaxy. My rule is, after Qualcomm lied to the public about the 810, I would never buy a phone with the SnapDragon ever again. In the past when I bought Samsung phones, I only wanted the SD because it was better than the Exynos for graphics, but for me, battery-life is more important and the game I play look 100% identical on either. I chose to send a message to both Qualcomm and Samsung not to support a company that openly lied. So I now buy my phones via Canada carriers to get an unlocked phone that will work on T-Mobile. all those fools yesterday, now all are sour pusses, because they've been all made to look ignorant. The article even stated, ITS ONLY AN ISSUE IF YOU SIDELOAD APPS. out of 1.3Billion devices that run Android, how many use the SD SoC? Now you've lowered that numbers to maybe 75%. Now, out of 75% of Android phones, how many people sideload? What all the people in China? maybe the people to have phones they can root? We are talking maybe e 10M people tops, if its even that? This one article just showed who really is the most ignorant. I don't give a rats @$$ how much they complain about how long my posts are. At least they are click bate for likes. At least it has substance and its not trolling.

23. Mxyzptlk unregistered

...no one is going to read your essay.

27. Scott93274

Posts: 6040; Member since: Aug 06, 2013

lol, +1 for truth.

35. NoToFanboys

Posts: 3231; Member since: Oct 03, 2015

I agree with you on this one lol

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.