Search This Blog

Powered by Blogger.

Blog Archive

Labels

Google Released 41 Security Updates, Severity High and Critical

Every month Google issues security patches for Android OS consisting vendor fixes and framework.

 

Google issued latest Android October security patches, fixing 41 vulnerabilities, of high and critical severity. Every month, Google issues security patches for Android OS consisting vendor fixes and framework for the month. The current update includes patches for 10 vulnerabilities which were addressed in the 2021-10-01 Security patch level, which was released earlier this week. The flaws with high severity patched October's DoS (Denial of Service), remote code executions, information disclosure issues, and elevation of privilege. Three critical severity vulnerabilities in the update are termed as: 
  • CVE-2020-11301: A critical vulnerability impacting Qualcomm's WLAN parts, concerned with unencrypted (simple text) frames acceptance on secure networks. 

  • CVE-2020-11264: A critical vulnerability impacting Qualcomm's WLAN parts, concerned with non-EAPOL/WAPI frames acceptance from malicious source retrieved in IPA exception pathways. 

  • CVE-2021-0870: Remote Code execution vulnerability in android OS, which allows threat actor to deploy arbitrary codes related to the privileged process. 

The 41 vulnerabilities released this month have not been exploited according to experts, therefore users can be assured of no vulnerability exploits running in the wild. Earlier devices which are incompatible with the current security updates are more susceptible to attacks, because this month's security patches can be a golden opportunity for hackers to deploy exploits in the future. One should note that, Android OS security patches are not limited to android variants, the latest updates are concerned with android versions 8.1 to 11. 

Similarly, the OS variant isn't a deciding factor for to know whether your device is compatible. If the user is sure that his device has reached the EOL date, he can install a third party android distribution that would provide monthly security updates for the device, or replace it with a new version. "Android fans have been eagerly waiting for the release of version 12, which was rumored for October 4, 2021, but what they got instead was the source of Android 12 pushed to the Android Open Source Project" reports Bleeping Computers. The last step highlights that the actual release is not far away, and OTA update news could be supported for Pixel device.
Share it:

Android OS

Exploits

Google

Remote Code Execution

Vulnerability and Exploits