Google Pushes Out Flaw Fixing Android Security Patch

Google has pushed out an update for Android to fix a slew of cyber security holes, inducing a number of remote code execution vulnerabilities.

The July security patch notably plugs vulnerabilities that surface when files like images and videos are processed by the mobile operating system for display. and enable the execution of arbitrary code.

“The most severe of these issues is a critical security vulnerability in media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” Google’s patch notes explained.

“The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.”

Patching away

The patch also fills a vulnerability in the code used for Wi-Fi connectivity in Android devices sporting wireless chips from Broadcom.

The security flaw had opened up such devices to potential traps set by hackers within Wi-Fi range, who could have sent malicious network packets to the Wi-Fi chip to exploit the flaw and gain kernel level control over the infected device.

Such attacks are particularly dangerous to infected devices as they effectively get to the heart of Android and wreak havoc from there.

The patch also contained fixes with bugs that affect Qualcomm components commonly found in Android devices, and tackled flaws relating to Nvidia and MediaTek components.

Over-the-air updated will be pushed out to Google’s own range of handsets, such as the Pixel XL, while other phone companies will be able to get the update from the Google Developer website.

As ever, Android appears to be constantly targeted by cyber attacks, but Google appears to be working on making its mobile OS more secure.

Are you a security pro? Try our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

7 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

9 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

11 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

12 hours ago