Google has resolved a critical security flaw in Android 12 with its February 2022 Android security update.
The vulnerability, code-named CVE-2021-39675, affected the System component and could allow hackers to gain admin privileges remotely.
Google's Android Security Bulletin also addresses a second critical vulnerability, CVE-2021-30317, which affects a closed-source component built by Qualcomm and was active on all Android devices fitted with the hardware.
RELATED RESOURCE
Vulnerability and patch management
Keep known vulnerabilities out of your IT infrastructure
Thus far, there have been no reports of active exploitation of either of the now-patched vulnerabilities.
Aside from CVE-2021-39675 and CVE-2021-30317 vulnerabilities, Google issued fixes for five high-severity flaws in Framework, four high-severity bugs in Media Framework, seven high-severity to critical flaws in System, two vulnerabilities of unknown severity in Media Provider, one high-severity flaw in Amlogic components, five high-severity bugs in MediaTek components, three high-severity flaws in Unisoc components, and six high to critical severity vulnerabilities in Qualcomm components.
“The severity assessment of bugs is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed,” explained Google.
However, the search giant noted that the severity of vulnerabilities affecting Amlogic, MediaTek, Unisoc, and Qualcomm components are determined by the source vendor.
Google Play system updates and security updates are available for Android devices running Android 10 and later.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Tiny11 review: Windows 11 with only 2GB of RAMReview A version of Windows 11 for older machines that don't meet the full requirements
-
Red Hat Enterprise Linux becomes foundational operating system for Cohesity Data CloudNews New strategic partnership between Red Hat and Cohesity aims to drive innovation in the data security and management space
-
Ubuntu shifts to four-week update cycleNews Critical fixes will also come every two weeks, mitigating the issues involved with releasing prompt patches on the old three-week cadence
-
AlmaLinux follows Oracle in ditching RHEL compatibilityNews Application binary compatibility is now the aim with 1:1 now dropped
-
How big is the Windows 10 cliff-edge?ITPro Network With some comparing the upcoming Windows 10 end of life to Windows XP, we ask members of the ITPro Network for their insight
-
Everything you need to know about the latest Windows 11 updates - from bug fixes to brand-new featuresNews Two new cumulative updates are on the way and will be installed automatically on Windows 10 and Windows 11 machines
-
How to download a Windows 11 ISO file and perform a clean installTutorial Use a Windows 11 ISO to install the operating system afresh
-
We could all benefit from better Windows and macOS accessibility featuresOpinion Today’s accessibility features can help you work through a nasty injury, but there’s still plenty of room for improvement
