Google patches 11 critical exploits in the mobile OS with the July Android security update

The new update has patched 11 different critical exploits in the mobile OS, where the most severe vulnerability was a critical security vulnerability in the Android OS Media framework.

    Google has recently rolled out the 'July Security Update' for the Android devices. The July Security update fixes around 44 different vulnerabilities in the operating system the company has released the July Android security patch for the Pixel and eligible Nexus devices such as the Pixel, Pixel XL, Pixel 2, Pixel 2XL, Nexus6P, and Nexus 5X.

    Google patches 11 critical exploits in the mobile OS

    According to a report from the Beebom the July Security Bulletin mentions that most of the 44 vulnerabilities were rated as high in severity. The new update has patched 11 different critical exploits in the mobile OS, where the most severe vulnerability was a critical security vulnerability in the Android OS Media framework. If in case this vulnerability was exploited then it allows a remote attacker to save a 'specifically-crafted file in order to execute arbitrary code in regards to the privileged process," states Google.

    This is said to be one of the five critical remote code execution (RCE) vulnerabilities which are found in the Android operating system. Google has further mentioned that these exploits were discovered all around the platform, will be impacting the system, Media Framework and the overall framework of Android. In a blog post, the company mentions, "The most severe vulnerability (CVE-2018-9433) in this section could enable a remote attacker using a specially crafted PAC file to execute arbitrary code within the context of a privileged process." The PAC files are a simple form of text files with JavaScript code which defines how the web browsers can automatically select an appropriate proxy server to fetch a URL. The attacker uses the same to instruct the browser to forward a user's traffic to a proxy server.

    Google patches 11 critical exploits in the mobile OS

    Google also has found that around two dozen vulnerabilities were linked to Qualcomm system components. Among these the most severe vulnerability (CVE-2018-5872) which allowed the nearby attackers to execute an arbitrary code within the context of a privileged process. Qualcomm further said that the exploit is also linked with open-source WLAN-component.

    Read More About: android security patch news
    X

    Stay updated with latest technology news & gadget reviews - Gizbot

    We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more