Google released its month to month security bulletin for August on Monday, detailing the hottest accessible patches for Android.
A overall of 37 vulnerabilities have been patched, which include a critical security flaw in the Program component that could guide to remote code execution via Bluetooth with no more execution privileges needed.
The Bluetooth vulnerability is tracked as CVE-2022-20345 and has been patched on Android 10, 11, 12 and 12L.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
The remaining flaws that had been patched in Google’s August security bulletin had been assigned a high severity rating as many of them could guide to privilege escalation or facts disclosure.
They impacted respectively elements like Framework, Media Framework, Process, Kernel, Creativity Technologies, MediaTek, Unisoc and Qualcomm factors.
The bulletin has two security patch levels to give Android associates the versatility to repair a subset of vulnerabilities that are very similar throughout all Android units extra immediately.
“Android associates are encouraged to repair all issues in this bulletin and use the hottest security patch degree,” read the bulletin. “Partners are inspired to bundle the fixes for all issues they are addressing in a solitary update.”
Additional frequently, security vulnerabilities are split in between Google’s bulletin and device / partner security bulletins due to the actuality that Android machine and chipset producers may possibly also publish security vulnerability particulars precise to their items.
And whilst security vulnerabilities that are documented in Google’s security bulletin are expected to declare the latest security patch level on Android equipment, the exact same does not utilize to additional security vulnerabilities that are documented in device / partner security bulletins.
The complexity of Android’s patching technique across unique makers represents a security issue for the operating method, but Google is consistently pushing out updates to take care of as quite a few vulnerabilities as achievable as quickly as they turned recognized.
Continue to, cyber-attacks focusing on Android continue being frequent. Just over a thirty day period ago, for instance, security scientists from Cleafy spotted a new Android Banking Trojan they dubbed Revive.
Some components of this posting are sourced from:
www.infosecurity-magazine.com