Android security update fixes more than 80 security vulnerabilities – including four critical
Picture: Getty/Guido Mieth Android’s December safety replace fixes over 80 safety vulnerabilities affecting smartphones – together with 4 flaws classed as important. In accordance with Google’s Android safety bulletin for December 2022, essentially the most extreme vulnerability is one in Android’s System part, which may permit attackers to remotely execute code over Bluetooth with out … The post Android security update fixes more than 80 security vulnerabilities – including four critical appeared first on Ferdja.
Android’s December safety replace fixes over 80 safety vulnerabilities affecting smartphones – together with 4 flaws classed as important.
In accordance with Google’s Android safety bulletin for December 2022, essentially the most extreme vulnerability is one in Android’s System part, which may permit attackers to remotely execute code over Bluetooth with out the necessity for system permissions.
The 4 important vulnerabilities have an effect on Android variations 10 to 13. Two of them – CVE-2022-20411 and CVE-2022-20498 – are within the System part of the Android working system, whereas the opposite two – CVE-2022-20472 and CVE-2022-20473 – are in Android’s Software Framework and will permit attackers to remotely execute code, with no further execution privileges wanted.
Google hasn’t but supplied full particulars about how precisely the vulnerabilities work. That method follows the corporate’s typical process of not disclosing data on how assaults happen with a purpose to keep away from offering attackers clear directions on how you can exploit the vulnerabilities earlier than customers are protected by the most recent replace, which customers are urged to use as quickly as doable.
Additionally: Cybersecurity: These are the brand new issues to fret about in 2023
“Exploitation for a lot of points on Android is made tougher by enhancements in newer variations of the Android platform. We encourage all customers to replace to the most recent model of Android the place doable,” mentioned the Android safety bulletin.
Android software program updates and safety patches needs to be routinely downloaded onto units. If auto obtain is not turned on, you’ll be able to seek for and obtain the most recent safety patch beneath software program replace settings. Customers may also examine which model of Android they’re utilizing in cellphone settings.
Among the many different safety points that the most recent Android replace fixes are a high-severity vulnerability in Android Runtime (CVE-2022-20502) and a high-severity vulnerability in Media Framework (CVE-2022-20496) – each may result in native data disclosure with out an attacker needing further privileges. A high-severity vulnerability within the Kernal (CVE-2022-23960) may additionally result in the identical subject.
The complete checklist of vulnerabilities is accessible on the Android Security Bulletin for December 2022.
Whereas there is not any indication that any of the vulnerabilities have but been utilized by cyber criminals, making use of the safety replace as quickly as doable will assist customers keep protected against assaults.
MORE ON CYBERSECURITY
The post Android security update fixes more than 80 security vulnerabilities – including four critical appeared first on Ferdja.
