Google has urged Android users to update to the latest security patch that it has recently rolled out in a bid to keep them safe from a critical zero-day vulnerability. Due to Android’s open-source nature and massive availability, Android smartphones tend to be the go-to gadgets for hackers and cybercriminals to target. And when Google suffers from a bug, these so-called zero-day vulnerabilities can open windows that cybercriminals look to take advantage of. In fact, these zero-day vulnerabilities make up a significant portion of these cyberattacks. According to a SEQRITE report, almost 30 percent of malware attacks nowadays are zero-day exploits.
For the unaware, zero-day flaws are vulnerabilities that are yet to be discovered by the manufacturer or vendor but, these may have been exploited by cybercriminals and threat actors. Google has issued an advisory for Android users urging them to update their Android smartphones to the latest security patch to fix critical zero-day vulnerabilities in their handsets.
According to a report by HackerNews, Google, in its Android Security Bulletin for September 2023, revealed that a critical vulnerability CVE-2023-35674 has been discovered in the Android Framework and system components. While Google did not reveal how this flaw is being exploited, it stated, “There are indications that CVE-2023-35674 may be under limited, targeted exploitation.”
Apart from this vulnerability, September’s security patch also fixes other privilege escalation flaws in the Android Framework. Google says the most high-severity vulnerability in the Android Framework could “lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.”
On the other hand, the most critical flaw in the System could “ lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.” No user interaction is required for exploitation to take place.
The report further states that Google in total fixed 14 vulnerabilities in the System module, 7 in Android Framework, and 2 in MediaProvider, although the fix for the latter will be rolled out soon via a Google Play update.
Therefore, Android users are urged to update their smartphones to the latest security patch in order to keep their devices safe from exploitation by hackers and threat actors.
Step 1: To update your Android smartphone to the latest Android version or security patch, head over to your phone’s settings.
Step 2: Next, tap on Software Update and then check for updates.
Step 3: If any update or security patch is available, it will be displayed. Tap on Download and Install.
Copyright © HT Media Limited
All rights reserved.