Google’s April Android Security Bulletin Warns of 9 Critical Bugs (remote code execution, critical elevation of privilege)

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Nine vulnerabilities rated critical were patched as part of Google’s Android Security Bulletin for April.

Critical vulnerabilities ranged from two remote code execution vulnerabilities tied to the Android media framework, to a Qualcomm Wi-Fi component flaw that allowed a nearby attacker to use “a specially crafted file to execute arbitrary code within the context of a privileged process.”

Google said firmware updates are available and will be delivered via over-the-air (OTA) updates to Google Pixel and Nexus devices. Updates to other Android devices will be sent via respective OEM device makers and wireless carriers, where applicable. For example, Samsung Mobile announced a maintenance release for its “major flagship models” that included eight Samsung patches being delivered OTA.
In all, Google’s April security update includes 28 fixes; nine rated critical and 19 rated high. Seven of the critical vulnerabilities were tied to the Android OS directly. Each Qualcomm and Broadcom component maker fixed a critical bug.
The Android operating system received the most attention, with Google fixing four remote code execution bugs and one critical elevation of privilege bug.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top