Google published its first Android Security Update of the New Year.
It included details of seven vulnerabilities within the Android operating system classified as high and critical.
Google’s first Android Security Bulletin of 2020 included a patch for a critical flaw in the smartphone operating system. The flaw, if properly and successfully executed, could potentially allow a hacker to execute arbitrary, unauthorized, and possibly malicious code. It didn’t require the hacker to be in physical possession of the Android device and didn’t require the attacker to be on the same network to execute the hack.
Needless to add, this forms the very basis of smartphone multimedia usage and consumption as it allows users to listen to audio, and access video and images. Operating systems 8.0, 8.1 and 9, are specifically impacted by the bug.
Moreover, Google discovered three high-severity flaws (CVE-2020-0006, CVE-2020-0007, CVE-2020-0008) in the Android operating system that could lead to remote information disclosure with no additional execution privileges needed.
Technical specifications on each of the CVEs are limited until handsets are patched and the fear of those bugs being exploited by hackers is significantly reduced.
Google also patched twenty-nine other CVEs, all high-severity except for one critical one. They were related to Qualcomm components, which are used in Android devices.
The December 2019 Android Security Bulletin deployed fixes for critical, high and medium severity vulnerabilities tied to 15 CVEs overall.
Fixes for LG, Nokia and Pixel devices are coming soon but have yet to be posted.
The latest Android version 10 appears to be largely immune to the flaw, according to Google. Therefore it’s important that you seek out and install the January security update as soon as it’s available to you.
Secure Your Organization’s Mind with Securemind.se