Google released this month’s security patch for its Android 9.0 Pie mobile operating system.
The Android Security Patch for March update consists of the 2019-03-01 and 2019-03-05 security patch levels, which address 45 security vulnerabilities affecting the Android Framework, Media Framework, Android System, Kernel and Qualcomm components, as well as Qualcomm closed-source components, and the Pixel Update Bulletin for March 2019, which fixes various issues for Pixel 3 users.
“The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” said Android officials in the Android Security Bulletin for March 2019. “We have had no reports of active customer exploitation or abuse of these newly reported issues.”
Media framework has two vulnerabilities rated critical, according to the bulletin.
There is also a critical vulnerability in the Android system platform, with a case number of CVE-2019-2009, which could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.
With Qualcomm components, there are two vulnerabilities in products that have case number of CVE-2017-8252, which are in the EcoSystem component and one issue, CVE-2018-11817, which is in the DSP_Services component, according to the advisory.
In addition, there were three critical issues in products in the closed-source component, which have a case number of CVE-2017-8252, and one issue with a case number of CVE-2018-11958.
Google recommends all users to install the Android Security Patch for March update on their devices as soon as it’s available.