Patchday Android: Critical gaps in the system lead to remote code execution

If you have an Android device, you should start the update function: numerous security updates have been released.Reading time:1 min.Save in pocketreadPrint viewread comments55posts

Smartphones and tablets with Android versions 8.0, 8.1, 9 and 10 are vulnerable. Successful attacks could lead to completely compromised devices. Google and other manufacturers like Samsung have now released security updates.

If you have an Android device, you should ensure in the settings that the Security Patch Level 2020-04-01 or 2020-04-05 is installed. In addition to the latest security updates, the latter package also contains all older patches.

In a message to the monthly patchday , Google states that they want to publish the code of the security patches promptly in the repository of the Android Open Source Project (AOSP). Other manufacturers should have known about the security updates for at least a month. In the box on the right you will find links to websites with information about Android security patches from LG, Sony & Co.

Patchday Android: Critical gaps in the system lead to remote code execution

The most dangerous vulnerabilities are found in the system this month. At this point, the Android developers have closed four gaps classified as ” critical “. For a successful attack, attackers have to insert a prepared file into the victim’s hands. If that works, malicious code could contaminate devices.

Another critical gap is due to a WLAN component from Qualcomm. Another eight critical weaknesses make various, not described in more detail, closed-source components of the semiconductor manufacturer vulnerable.

Other vulnerabilities can be found in the framework, media framework, FPC components and kernel components. Detailed information on this can be found in the Google report .

As can be seen from a contribution from Google , the Pixel series gets extra security patches. Among other things, the developers take care of a bug (CVE-2020-0068) in the audio driver.

Google has also released a patch for the Pixel 4 that prevents the smartphone from being unlocked with closed eyes via face recognition. ( of ) Read comments ( 55 )Go to the homepage

Leave a Reply

Your email address will not be published.