Android Security Patch Fixes 108 Flaws This July

Google is rolling out its largest security patch for Android, fixing over a hundred vulnerabilities in the operating system, including patches for the infamous Qualcomm-related flaws. The search giant has separate this month's security update in two parts: one fixes 33 flaws that affect all of Android devices, and some other brings patches to 75 driver- and device-specific vulnerabilities.

This is the first time we are seeing Google dividing the monthly update in ii parts, and that has a good reason behind it. In the past weeks, we have seen a number of device and commuter specific vulnerabilities, affecting some devices, and the two-part Android security release is designed to ensure speedy commitment across all devices. "This bulletin has ii security patch level strings in gild to provide Android partners with the flexibility to move more than chop-chop to fix a subset of vulnerabilities that are like across all Android devices," Google said in its July Android security bulletin.

The nearly astringent of these problems is a Disquisitional security vulnerability that could enable remote lawmaking execution on an afflicted device through multiple methods such as electronic mail, spider web browsing, and MMS when processing media files.

A Huge number of flaws fixed in the July Android security patch

The July update brings fixes for a total number of 108 vulnerabilities, fixing bugs in the Qualcomm Secure Execution Environment (QSEE) that could be exploited to bypass Android's Total Device Encryption (FDE) amid others. The latest security patch from Google as well brings fixes for bugs in:

• Qualcomm GPU, Bluetooth, photographic camera, USB, and WiFi
• 14 vulnerabilities were resolved in Mediasever, including 7 that were rated critical, including:
  • Denial of service vulnerability
  • Data disclosure vulnerability
  • Elevation of privilege vulnerability
• Remote code execution vulnerability in OpenSSL and BoringSSL
• Fixes for MediaTek drivers:
  • Elevation of privilege vulnerability in MediaTek Wi-Fi driver
  • Pinnacle of privilege vulnerability in MediaTek drivers
  • Elevation of privilege vulnerability in MediaTek power commuter
  • Elevation of privilege vulnerability in MediaTek hardware sensor commuter, video driver, GPS driver, power direction driver, display driver, video codec driver
• NVIDIA driver fixes:
  • Elevation of privilege vulnerability in NVIDIA video driver, camera driver
  • Information disclosure vulnerability in NVIDIA camera driver

From disquisitional privilege escalation flaws to some vulnerabilities being rated of high and medium severity, there is a long list of fixes that have arrived following the Independence weekend. Google has said that there is no reported active exploitation or abuse of these newly reported flaws.

This is a summary of the mitigations provided past the Android security platform and service protections such as SafetyNet. These capabilities reduce the likelihood that security vulnerabilities could exist successfully exploited on Android.

Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. Nosotros encourage all users to update to the latest version of Android where possible.

July'due south Android security updates are already bachelor for Nexus devices, and nosotros hope to run into latest Samsung devices to receive the security fixes very shortly besides. BlackBerry has likewise promised that the patch will soon go far on devices. Users are strongly advised to install the Android security updates as soon every bit they land on your device.

Source: https://wccftech.com/largest-android-security-patch-arrives/

Posted by: eppsuporly.blogspot.com

Share this post