An example of this problem with Android updates can see the vulnerability Qualcomm QSEE, a vulnerability that has already been settled by Google more than four months ago but, however, a recent analysis of the state of it shows how the number of updated devices that have solved the vulnerability is very small and, globally, more than 60% of the devices are vulnerable to this security flaw. Qualcomm Secure Execution Environment (QSEE “CVE-2015-6639”) is a security flaw that allows elevation of privileges in the operating system of Google, specifically in the TrustZone, a special kernel space used by Qualcomm processors, from which an attacker even can manage to get root access on the device . As this vulnerability alone is harmless, however, attackers often exploit this flaw by one of the known vulnerabilities in the Android media server to take control of the devices. Therefore, at least a vulnerability in the mediaserver of the Android operating system was cataloged as critical. In addition to the inherent dangers of vulnerability, the most worrying part is the ease with which it can be exploited, since, as explained, all an attacker needs to trick a user to install an application, which will use two exploits and, within seconds, attacker will gain the full control over the device. By having the full control over the device, the infection will be permanent, and the only way to get rid of it, the user have to flash the ROM of the device from scratch. As we said, the tech giant Google discovered and fixed the vulnerability 4 months ago, however, more than half of the Android smartphone users is potentially vulnerable to it. This is because, although the update has already reached users, but, the manufacturers have not updated their devices, and probably do not, thus returning to the issue of fragmentation. So, if we want to protect ourselves from the vulnerability should then we should avoid using smartphones with Qualcomm processors or, if we have one, then we have to install a ROM that includes the patch updates of Android, as CyanogenMod. Hence, after doing this process attacker can not use the vulnerability (QSEE “CVE-2015-6639”) to gain full control of our device. Anyway, even if we have the latest version of Android we may still continue, but, it will be best to avoid installing the applications which are not trusted to prevent the new exploit.
Δ