Google Patches 11 Critical Bugs in March Android Security Bulletin (26 rated as high severity)

[LASER_oneXM]

Google patched 11 critical vulnerabilities in its Android operating system this week, seven of which are remote code execution bugs. In total, 37 flaws were patched, with 26 rated as high severity.

The most severe of the bugs is a critical security vulnerability found in the Media Framework component of the Android OS, according to the Android Security Bulletin published on Monday. Google said that the flaw “could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.”

“The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed,” Google wrote.

It added that there are no reports of the vulnerability being actively exploited. Google said an over-the-air update and firmware images for Google devices are available for its Pixel and  Nexus devices and third-party carriers will also deliver updates to vendor handsets.

Ten system vulnerabilities were identified with the most severe being a critical remote code execution bug that could “enable a proximate attacker to execute arbitrary code within the context of a privileged process,” according to the security bulletin.

 

[DeepWeb]

It's so worrying that 99.9% of Android devices won't even get this update until months later if at all. I'm currently at the February 2018 security update thanks to LineageOS. I have the March security update available but that ROM is broken.
I highly recommend anyone to at least get your phone to the February 2018 Security Update because it includes a patch for Meltdown and Spectre.

 

[ForgottenSeer 58943]

It's so worrying that 99.9% of Android devices won't even get this update until months later if at all. I'm currently at the February 2018 security update thanks to LineageOS. I have the March security update available but that ROM is broken.
I highly recommend anyone to at least get your phone to the February 2018 Security Update because it includes a patch for Meltdown and Spectre.

Which is why I may switch to a Pixel in my next round of phone purchases. The update cycle is way faster, and I can still lock it down fairly well. iPhone's aren't even an option so don't mention them please. Hehe.

 

[amico81]

Once a Google Pixel, always a Google Pixel i like the fast security updates and the pure android

 

[DeepWeb]

Which is why I may switch to a Pixel in my next round of phone purchases. The update cycle is way faster, and I can still lock it down fairly well. iPhone's aren't even an option so don't mention them please. Hehe.

Same here. My next phone will be the Pixel 3 hopefully. I'm tired of it all. I just want a pure Android experience with quick updates.

 

[ForgottenSeer 58943]

Once a Google Pixel, always a Google Pixel i like the fast security updates and the pure android

Yeah, I've about had it with Samsung Bloat, useless launchers, slow updates and insane telemetry.

Pixel 3 here I come!