Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component.
All of the four critical bugs addressed this month in Android’s System could lead to remote code execution, and all impact Android 8.0, 8.1, 9, and 10. Fixes for the flaws will be delivered to all devices running the 2020-04-01 security patch level or newer.
The vulnerabilities are tracked as CVE-2020-0070, CVE-2020-0071, CVE-2020-0072, and CVE-2020-0073.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” Google notes in an advisory.