Newsroom News Breaking Comics Tags RSS
News hardware & software 10 August 2020, 14:20

More Than Billion Android Phones at Risk From Security Gap in CPUs

Vulnerabilities found in Qualcomm processors are putting more than one billion Android devices at risk.

More Than Billion Android Phones at Risk From Security Gap in CPUs - picture #1
The scale of the threat is unbelievable, and there will be no help soon enough. Source: Ars Technica

Qualcomm's mobile processors have always been considered to be the best in terms of performance. They have also been known for their security and regular delivery of updates to Android phones. There are many indications that this may change with the latest reports. More than 400 potential vulnerabilities have been discovered in various Snapdragon chipsets, which can threaten up to a billion devices based on this SoC.

The vulnerabilities can be used to install malicious applications without the user's consent and knowledge on devices equipped with the US company's processor. Unauthorized persons can therefore access virtually all information - from user's current location, through personal data, to eavesdropping through the microphone. The nature of these vulnerabilities allows malicious code to be hidden from the operating system, making it impossible to remove unwanted software.

Qualcomm was notified of the situation by Check Point. Of course, no full documentation of errors found in the processors was provided, so as not to make the criminals' job easier.

We don't know how the situation will develop, because we have known for a long time that most Android phones and tablets get updates for a year, up to a maximum of two after their release, and in extreme cases they receive almost no updates at all. The introduction of the "patch" eliminating vulnerability to attack is therefore very unlikely due to the number of devices and the multitude of versions of the operating system. Qualcomm, in a comment for Ars Technica, said that "there is no evidence yet that the vulnerability has been discovered and exploited". However, the company recommends installing applications only from reliable sources - such as the Google Play store.

It is worth remembering that the Google app store is not completely safe either, as in the past it has been a place where malicious apps were installed by millions of users. In all this confusion, we can also see how comfortable the situation is for users of even older iOS phones, which receive new system updated for many years, and when the support is over, they get security patches, which we will probably not see in at least 40% of the billion of vulnerable smartphones with Qualcomm processors.

Mikolaj Laszkiewicz

Mikolaj Laszkiewicz

Have been working at GRYOnline.pl since May 2020. First, he was a newsman in the Technology department, over time he began to get involved in games and journalism, as well as edit and supervise the Technology newsroom. He is currently the editor-in-chief of the Futurebeat.pl site. He previously shared his thoughts on video games in, e.g. various thematic groups. A lawyer by education. He plays on everything and in everything, which can sometimes be reflected in his reviews. His favorite console is the Nintendo 3DS, he plays a new FIFA every year and tries to broaden his gaming horizons. Loves broadly understood computer equipment and disassembles everything that falls into his hands.

more