• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Google Publishes Monthly Android Security Bulletin, Patches Critical Vulnerabilities

You are here: Home / General Cyber Security News / Google Publishes Monthly Android Security Bulletin, Patches Critical Vulnerabilities
June 7, 2022

Google Released its Android Security Bulletin for June on Monday, which has details of more than 40 security vulnerabilities influencing Android equipment and connected patches.

In the advisory, the technology huge describes that the most significant of these issues was a critical security vulnerability in the program component that could lead to remote code execution [RCE] with no supplemental execution privileges needed.

“The severity assessment is based mostly on the outcome that exploiting the vulnerability would potentially have on an impacted product, assuming the system and assistance mitigations are turned off for enhancement purposes or if correctly bypassed,” reads the advisory.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Tracked as CVE-2022-20127, the vulnerability could impact unpatched devices running Android variations 10, 11, 12, and 12L.

However, there are other RCE vulnerabilities described in the bulletin, which could affect respectively the Framework, Media Framework and Kernel of particular Android equipment.

In the doc, Google also tackled vulnerabilities deriving from the components of certain producers, such as MediaTek and Qualcomm elements as well as Motorola’s Unisoc chips. 

The 2022-06-01 security patch reportedly preset the 4, critical vulnerabilities described earlier mentioned, along with 5 security bugs in Framework, 13 in the Process part, and 18 other individuals throughout Kernel, MediaTek, Unisoc, and Qualcomm shut-source components.

The Security patch concentrations of 2022-06-05 (or later), on the other hand, address all issues linked with the 2022-06-05 security patch stage and all past patch levels.

Google additional that for some equipment on Android 10 or afterwards, the Google Perform method update will have a date string that matches the 2022-06-01 security patch stage. 

Irrespective of these flaws becoming patched, security on Android is a broader issue. Current knowledge from Check out Issue confirmed how hundreds of mobile apps exposed user data due to the misconfiguration of back-close cloud databases again in March.

Additional lately, the Cybersecurity and Infrastructure Security Company (CISA) added 41 vulnerabilities to its catalog of recognized exploited flaws, which include two concerning Android programs.


Some parts of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News Evil Corp Hacker Group Changes Ransomware Tactics to Evade US Sanctions
Next Post: #RSAC: The Growing Relevance and Challenges of Privacy Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Unveils Ransomware Notification Initiative
  • WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
  • GitHub Updates Security Protocol For Operations Over SSH
  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet

Copyright © TheCyberSecurity.News, All Rights Reserved.