Android’s September 2024 Update Patches Exploited Vulnerability

September 4, 2024 at 05:36AM Google has released a new set of Android security updates addressing 35 vulnerabilities, including a high-severity local privilege escalation bug. The bug, tracked as CVE-2024-32896, was exploited in attacks and is addressed in the September 2024 Android security bulletin. The updates also resolve other high-severity flaws and issues in Framework … Read more

Critical Remote Code Execution Vulnerability Patched in Android

February 6, 2024 at 07:36AM Google announced patches for 46 Android vulnerabilities, including a critical bug (CVE-2024-0031) in the System component, enabling remote code execution. The 2024-02-01 security patch level fixed this flaw and 14 other high-severity defects. A subsequent update on 2024-02-05 addressed 31 high-severity issues in various components. Google also patched seven Pixel … Read more

Exploit released for Android local elevation flaw impacting 7 OEMs

January 31, 2024 at 02:16PM A proof-of-concept (PoC) exploit for CVE-2023-45779, a local privilege elevation flaw affecting seven Android OEMs, has been publicly released on GitHub by Meta’s Red Team X. The flaw, addressed in Android’s December 2023 security update, results from insecure signing of APEX modules. Devices with the 2023-12-05 security patch are protected. … Read more