February 6, 2024 at 07:36AM
Google announced patches for 46 Android vulnerabilities, including a critical bug (CVE-2024-0031) in the System component, enabling remote code execution. The 2024-02-01 security patch level fixed this flaw and 14 other high-severity defects. A subsequent update on 2024-02-05 addressed 31 high-severity issues in various components. Google also patched seven Pixel device vulnerabilities. Samsung released updates for its devices.
From the meeting notes, the key takeaways are:
Google has announced patches for 46 vulnerabilities in Android, including a critical-severity bug leading to remote code execution (CVE-2024-0031). The issues impact various AOSP versions and have been resolved as part of Android’s 2024-02-01 security patch level, addressing a total of 15 security defects. Additionally, the second part of this month’s Android update (2024-02-05 security patch level) fixes 31 high-severity security defects in components from Arm, MediaTek, Unisoc, and Qualcomm. Google also released patches for seven vulnerabilities affecting its Pixel devices, with all issues fixed for Pixel devices running the 2024-02-05 security patch level. Furthermore, Samsung has announced a fresh set of software updates for eligible devices, including Android February 2024 fixes and patches for vulnerabilities specific to Samsung’s products.
It is recommended that users update their devices as soon as the software updates are available for them.