Friday, 12 August 2016

QuadRooter – relax, the world’s not about to end



Credit: Top 10 SM

As indicated in these pages yesterday, the QuadRooter vulnerabilities are real, & they do pose a potential risk to your Android device.

However, there are multiple layers of protection, available since Android 4.2, that should keep your device safe:

● QuadRooter needs to be installed as an app

● Unknown Sources setting – by default, Android devices only allow installation of apps from the Google Play StoreGoogle’s curation is not infallible, but represents a substantial defence against malware in apps

● Verify AppsGoogle has confirmed that Verify Apps can identify & block apps using QuadRooter – if a user attempted to install an app with a QuadRooter payload an, “Installation has been blocked”, message would appear, with no option to ignore & install


More at Android Central:
http://www.androidcentral.com/google-confirms-verify-apps-can-block-apps-quadrooter-exploits

Google's Android Support:
https://support.google.com/accounts/answer/2812853?hl=en
/ QuadRooter relax the world’s not about to end Google confirms Verify Apps block apps QuadRooter vulnerabilities latest exploit roadblocked 90% Android devices security feature enabled Android 4.2 QuadRooter latest big Android security scare collection 4 vulnerabilities Qualcomm-based Qualcomm based Android gadgets device allow malicious app gain root access do anything affected device last year's Stagefright exploits QuadRooter delivered form app enable Unknown Sources manually install app somewhere nefarious become infected Android Verify Apps feature Google Play Services enabled by default four years ago Android 4.2 Jelly Bean designed protect against confirmation from Google Verify Apps identify block apps QuadRooter Google spokesperson gave Android Central statement Check Point's research improve safety broader mobile ecosystem Android devices most recent security patch level already protected against three of these four vulnerabilities fourth vulnerability CVE-2016-5340 addressed upcoming Android security bulletin Android partners take action sooner referencing public patch Qualcomm has provided exploitation downloading installing malicious application Verify Apps SafetyNet protections identify block remove applications exploit vulnerabilities devices vulnerable Verify Apps manually disable yet another security feature affected apps using exploit QuadRooter roadblocked completely Verify Apps Android display Installation has been blocked message no option ignore install anyway less serious Installing this app may harm your device message allows click-through Android devices running 4.2 Google Play Services latest data available more than 90% active Android devices older versions Android 2010 Gingerbread release enable Verify Apps Security Google Settings app QuadRooter exactly the kind of threat Google created this extra layer of security 900 million vulnerable devices 90 percent automatically block app using QuadRooter remaining 10 percent protected enable security feature manually QuadRooter threat Google created Verify Apps enabled by default 2012 last line of defense defence generally woeful state security updates Android manufacturers effective way protect many devices Google can't reach monthly security patches big Android security scare important serious often overblown context is important Google's built-in security safeguards should stop QuadRooter 900 million devices /