Researchers have discovered that a dangerous bug has been present in hundreds of millions of Android devices powered by Qualcomm chips. The bug could allow hackers to read your send SMS messages, make calls or even disable a phone’s lock screen, all without the user’s knowledge.
The problem all started back 2011 when Qualcomm released new APIs (Application Programming Interfaces) for a network manager system service, which also involved the netd daemon. These APIs allowed additional tethering capabilities.
The bug was discovered by security firm FireEye, which detailed it in a blog posting. FireEye notified Qualcomm of the flaw in January, and Qualcomm had fix ready by the end of April. Google’s latest Android Security Bulletin, detailing fixes made to Nexus devices on May 1.