Google’s Android Security Bulletin Warns Of 9 Critical Bugs

1 min


0

Google’s Android Security Bulletin Warns Of 9 Critical BugsNine vulnerabilities rated critical were patched as part of Google’s Android Security Bulletin for April.

Critical vulnerabilities ranged from two remote code execution vulnerabilities tied to the Android media framework, to a Qualcomm Wi-Fi component flaw that allowed a nearby attacker to use “a specially crafted file to execute arbitrary code within the context of a privileged process.”

Google said firmware updates are available and will be delivered via over-the-air (OTA) updates to Google Pixel and Nexus devices. Updates to other Android devices will be sent via respective OEM device makers and wireless carriers, where applicable. For example, Samsung Mobile announced a maintenance release for its “major flagship models” that included eight Samsung patches being delivered OTA.

In all, Google’s April security update includes 28 fixes; nine rated critical and 19 rated high. Seven of the critical vulnerabilities were tied to the Android OS directly. Each Qualcomm and Broadcom component maker fixed a critical bug.

The Android operating system received the most attention, with Google fixing four remote code execution bugs and one critical elevation of privilege bug.

“The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” Google wrote.

Common vulnerabilities and exposures (CVE) details of each of the bugs are not released until device makers have patched the affected systems.

Several Qualcomm components were patched as part of the April update, including chipset functions relating to Wi-Fi, binder, WLAN and audio drivers. A critical RCE Broadcom wireless bug (CVE-2017-13292) was also patched.

Google also released a separate April Pixel / Nexus Security Bulletin for its Pixel and Nexus devices that include the Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Nexus 5X, and Nexus 6P smartphones as well as the Pixel C tablet. Google said Android 8.1 Oreo factory images and OTAs are available for download.


Like it? Share with your friends!

0

0 Comments

Leave a Reply

Choose A Format
Personality quiz
Series of questions that intends to reveal something about the personality
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Poll
Voting to make decisions or determine opinions
Story
Formatted Text with Embeds and Visuals
List
The Classic Internet Listicles
Countdown
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Meme
Upload your own images to make custom memes
Video
Youtube, Vimeo or Vine Embeds
Audio
Soundcloud or Mixcloud Embeds
Image
Photo or GIF
Gif
GIF format