60% of enterprise phones still vulnerable to QSEE exploit

Most enterprise users with Android phones are still vulnerable to an exploit that allows attackers to get into their phone’s Qualcomm Secure Executive Environment and completely take over the phone, up to and including modifying the phone’s operating system, Duo Labs reported today.

That’s even though the patch came out in January, said Kyle Lady, research and development engineer at Duo Security‘s Duo Labs.

Acccording to Duo’s dataset of enterprise Android devices, 80 percent of enterprise phones have the Qualcomm chipset, but only a quarter of them have applied the security update, leaving 60 percent still vulnerable.

To read this article in full or to leave a comment, please click here