Google’s take on Quadrooter doesn’t change the fact that the last fix is weeks away

Google already had three vulnerabilities patched of the four publicized by Check Point Security over the weekend. It had them patched since Android 4.2. That’s the conclusion we’re getting from Google’s statement on the Quadrooter vulnerabilities found in Qualcomm-based Android devices, a device group totaling in the neighborhood of 900 million.

A spokesperson wrote to Android Central that:

Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these.

Hit the source link for the full statement.

The Verify Apps feature has been in the settings since Android 2.3 Gingerbread and on by default since version 4.2 and flat-out prevents the installation of an app that the system believes would cause harm. There’s no option to install the app.

While malware can technically still wreak havoc through those vulnerabilities, you’d have to disable Verify Apps and SafetyNet first.

The company also redoubled its commitment to addressing the fourth security hole in an update next month. It is urging its OEM partners to take Qualcomm’s references to fix the vulnerability even quicker. Of course, you already knew that from statements made yesterday.

Whatever the case will be, it’s unlikely that we’ll see every single manufacturer get a fix out even within a month. Blame fragmentation, blame carrier update approvals, blame whatever you want — just make sure you’re careful in your app sideloading adventures.

Source: Android Central
Via: Phandroid

Discuss This Post

Read More

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Jules Wang
Jules Wang is News Editor for Pocketnow and one of the hosts of the Pocketnow Weekly Podcast. He came onto the team in 2014 as an intern editing and producing videos and the podcast while he was studying journalism at Emerson College. He graduated the year after and entered into his current position at Pocketnow, full-time.