The QuadRooter set of vulnerabilities reached the headlines mainly due to its wide extent and severity. Since Check Point announced its discovery, we have received numerous questions from users around the globe asking – How can they protect themselves from malware trying to take advantage of the Quadrooter vulnerabilities?
To answer this question, we must first review the basic principles of mobile security. Each time vulnerability is found, the device manufactures (Samsung, LG, HTC and so) are responsible to issue the appropriate fixes, and distribute them to their users. While this procedure might take time, the patches are intended to provide a comprehensive resolution to the vulnerability. Users should always make sure they update their mobile devices to the latest version available.
Moreover, during the time in which a vulnerability has been published to the actual availability and deployment of the fix by you, hackers attempt to exploit these new vulnerabilities and infect users with malware. As such, in order to ensure protection and seal this exposure window, users should also implement additional security measures. We recommend installing an advanced anti-virus security solution, like ZoneAlarm Mobile Security . This protective measure is able to identify and block attempts to exploit both known and unknown vulnerabilities.
Beware of fake copycats!
We have noticed reports that malicious applications tried to disguise themselves as “Fix Patch Quadrooter”. These apps are actually adware applications, displaying unwanted ads, and do not fix any vulnerability. While these apps were already taken off Google Play, users should be aware of such attempts and download only trustworthy apps with high reputation from the official play stores.
Since the publication of the QuadRooter vulnerabilities we have been working closely with Google, Qualcomm, and many of the device manufactures to assist them with expediting and validating the QuadRooter patch. As device manufactures rolled out patches in parallel to any Google patch, we have decided to remove the scanning for two of the vulnerabilities (CVE-2016-5340 and CVE-2016-2503), since the scan is based on the date of the latest Google patch.
Users should consult with their specific device manufacturer and / or mobile carrier to check if the patches were delivered to their device.