Blackberry beats the vendors it trails, finishes Quadrooter patches

Both its users, sorry, handsets are safe

It may now live in the frozen wastes of the “other” in smartmobe market share sales charts, but Blackberry has moved faster on Quadrooter than the rest of the Android OEMs.

The company's announced a patch for both its PRIV and its DTEK50 Android mobes.

Its announcement notes that “three out of the four” vulns were already taken care of for PRIVs with the Marshmallow patch issued this month, and all all DTEK50 devices.

The company now says if customers run in the latest system update, they'll be protected against all four of the Quadrooter vulns.

Quadrooter is a vulnerability that 'droids inherited from drivers for Qualcomm chips, installed at manufacture. In CVE-2016-2059, attackers got access to escalated privilege by making lots of BIND_CONTROL_PORT calls; CVE-2016-2504 was a bug in older Qualcomm GPU drivers; CVE-2016-2503 was another GPU driver bug; and CVE-2016-5340 was a bug in how the Linux kernel handled graphics module pointer validation.

Blackberry's post threatens promises more posts in the future, so the company can congratulate itself a few more times for its Android platform hardening. ®


Biting the hand that feeds IT © 1998–2017