BlockchainGovernment & Tech

Fighting Corruption With Blockchain Technology in Africa

Internet

How to Avoid Gmail Account Deletion by Google

Artificial Intelligence

Google’s AI Revolution Boosts Android’s Future

Artificial Intelligence

Google Launches Enhanced Bard, Intensifying its AI Efforts

OpinionsGovernment & TechWorld

The FBI’s alarm over China’s AI ambitions: Risks and Concerns

Cybersecurity

City of Oakland Hit by Ransomware Attack

Cybersecurity

Moving From IPV4 to IPV6? NSA Releases Advice for Companies

Businesses & Government

The Challenges of Doing Ecommerce Business in Africa

Cybersecurity

What is Email Security, and Types of Email Attacks?

Telecoms & MobileWest Africa

Top Telecommunications Companies in Ghana

High-Risk Android Security Flaws
High-Risk Android Security Flaws
Software & SecurityWorld

HIGH-RISK ANDROID SECURITY FLAW PATCHED BY GOOGLE

by Penelope Nhyira
written by Penelope Nhyira

Google released an Android security update this week, fixing more than 30 security holes that expose mobile users to a variety of harmful hacker attacks.

The most recent Android version documents 33 security flaws, some of which are significant enough to result in privilege escalation or information disclosure issues.

The most serious of them is a flaw in the Media framework that might result in privilege elevation on Android 8.1 and 9 devices, as well as information leakage on Android 10 and 11. The vulnerability is identified as CVE-2021-0519.

“The most serious of these concerns is a high-security vulnerability in the Media Framework component,” according to a Google advisory, “that might enable a local malicious app to evade operating system protections that separate application data from other apps.”

The 2021-08-01 security patch level includes fixes for three high-severity elevations of privilege issues in Framework, as well as two elevations of privilege and three information disclosure defects in the System. All five have a high level of severity.

The 2021-08-05 security patch level is the second portion of this month’s security update, and it fixes a total of 24 vulnerabilities in Kernel components, MediaTek components, Widevine DRM, Qualcomm components, and Qualcomm closed-source components.

The most serious of these flaws is a use after free vulnerability, which might allow an attacker to run arbitrary code with kernel privileges.

The most serious of these flaws could allow remote code execution within the context of a privileged process if they are successfully exploited. An attacker might then install apps based on the privileges associated with this application.

Google also repaired three medium-severity problems particular to Google devices, in addition to the vulnerabilities addressed in the August 2021 Android Security Bulletin. An elevation of privilege vulnerability in the Pixel component, as well as two other undisclosed vulnerabilities in Qualcomm closed-source components, are among them.

According to Google, all of these issues are resolved on Pixel smartphones running patch level 2021-08-05.

You Might Be Interested In

As a technology journalist, my main area of expertise has been software and security. You would see me doing stories on software and the inherent dangers software viruses of different types hamper our safe usage of technology. As to how these dangers can be curtailed, your guess is as good as mine! Email: [email protected]

Related Articles

The FBI’s alarm over China’s AI ambitions: Risks...

Hacker Imprisoned for Stealing Ed Sheeran’s Songs

Singapore’s Ecommerce Platform Carousell Hacked

Server Side Injection as a Web Attack with...

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More...

Close