If you own a smartphone, chances are it's powered by a Qualcomm Snapdragon System-on-Chip (SoC), and the bad news is experts at Trend Micro, in a blog post, have warned users of a serious security flaw in them. According to Trend Micro, the security flaw leaves malicious programs free to access the inner workings of devices, which could prove disastrous.
"These vulnerabilities have now been fixed by Google; we reported these problems to them privately to allow a patch to be created and distributed to the public. However, given the fragmented nature of vulnerability patching in the mobile and Internet of Things (IoT) space, many users will not be able to receive the needed security update and may continue to be at risk of, among others things, information exposure, [sic]" reads the blog post.
Trend Micro feels these vulnerabilities will become a much bigger problem as the number of devices in the IoT space grows, as a lot of them aren't in line for security updates, the Hacker News reports.
Trend's post also observes that for a hacker to take advantage of this vulnerability, they will be required to get the malicious code on the device first. Trend has, thus, urged users to install only those apps developed by credible developers and from trusted sources.
Despite Google patching the security flaw, the average smartphone user is still not out of the woods. A large percentage of Android devices still run on older versions of Android. A major reason for this is device manufacturers stop offering software updates to devices as they get older. A second reason to worry is the fact that the entire process of receiving an update isn't exactly simple. Barring Nexus devices, device-manufacturers normally optimise updates for their products and send it to network carriers, who then send users the update over the air (OTA), which makes it a time-consuming exercise.
Qualcomm, on their website, say over a billion devices are powered by Snapdragon SoCs.