Your one-stop web resource providing safety and security information to manufacturers

Google released its April Android security patches, which handles three critical vulnerabilities.

Google’s monthly Android update includes two patch levels immediately available to Google’s own Pixel devices and have gone out to other Android device makers to distribute.

RELATED STORIES
Android Security Patches Released
Google Boosts Android Encryption
Skype Hole Exposes Android Users’ Data
Google Play Spyware Thwarted

The 2019-04-01 patch level includes fixes for two critical remote code execution flaws affecting the Media framework.

The Media framework bugs, CVE-2019-2027 and CVE-2019-2028, affect Android 7 and up and “could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” according to Google’s bulletin.

Cyber Security

The most severe vulnerability in the system area is a RCE issue CVE-2019-2029 that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.

The second part of this month’s security fixes, included in the 2019-04-05 security patch level, addresses over 75 vulnerabilities in System and open and closed-source Qualcomm components.

Pin It on Pinterest

Share This