The Hong Kong Computer Emergency Response Team Coordination Centre has issued a security alert for Android after multiple vulnerabilities were identified with up to 65 percent of devices.
The announcement was made at the DEF CON 24 security conference in Las Vegas on Sunday, where a team of researchers disclosed four flaws, known as “QuatRooter”. Each of the flaws can be exploited by installing a rogue app on the device and any one of them would allow an attacker full remote access to the device.
An estimated 900 million Android smartphones and tablets are thought to be impacted around the world. The affected devices all contain chips manufactured by Qualcomm, the world’s leading chipset manufacturer. There is currently no vendor patch available. The Centre advised that the release of patches would be determined by individual manufacturers.
Some of the most popular brands and devices are among those affected, including BlackBerry Priv, Blackphone 1, Blackphone 2, Google Nexus 5X, Nexus 6, Nexus 6P, HTC One, HTC M9, HTC 10, LG G4, LG G5, LG V10, Moto X, OnePlus One, OnePlus 2, OnePlus 3,Samsung Galaxy S7, Samsung S7 Edge, and Sony Xperia Z Ultra.
US IT security firm Check Point has released a tool to enable users to check whether their devices are at risk. Affected users are advised to avoid installing unknown apps and to only install apps from trusted app stores. Users are also advised to download the latest Android updates as soon as they become available as they many contain important security updates.