Google Patches Critical Remote Code Execution Bugs in July Android Security Update
Google released the 'July Security Update' for Android devices before this month, which tackles a total of 44 vulnerabilities in the operating organisation.
According to the July Security Bulletin, most of these 44 vulnerabilities were rated as high in severity. This update haspatched 11 disquisitional exploits in the mobile Bone, where the almost severe of them all was a critical security vulnerability in the Android Bone Media framework. If this vulnerability was exploited, a remote attacker could have used a "especially-crafted file to execute arbitrary code within the context of a privileged process," says Google.
This was 1 of the five critical remote code execution (RCE) vulnerabilities found in the Android operating system. Google says that such exploits were discovered all across the platform, impacting the system, Media Framework (every bit we talked above), and the overall framework of Android. Further, the blog post added,
The near severe vulnerability (CVE-2018-9433) in this department could enable a remote attacker using a peculiarly crafted PAC file to execute arbitrary code within the context of a privileged process.
Note : If you're unaware, PAC files are unproblematic text files with JavaScript code that defines how web browsers tin automatically choose the appropriate proxy server to fetch a URL. The attacker can use the same to instruct the browser to forward your traffic to a proxy server.
Google also found that over two dozen vulnerabilities were linked to Qualcomm organization components. The most severe among these was a vulnerability (CVE-2018-5872) that allowed nearby attackers to execute an arbitrary code within the context of a privileged process. Qualcomm says that the exploit is linked to the open up-source WLAN component.
The July Security patch was rolled out to Google'south Pixel and Nexus devices at the first of this calendar month, along with the Essential Phone PH-1. Other Android makers such every bit Samsung, Nokia and others are expected to follow conform in the coming days or weeks, depending on their timeline.
Source: https://beebom.com/google-patches-critical-remote-code-execution-bugs-in-july-android-security-update/
Posted by: russellbutim1961.blogspot.com
0 Response to "Google Patches Critical Remote Code Execution Bugs in July Android Security Update"
Post a Comment