Android patches 40 Vulnerabilities, 4 critical - but it may be a while before you get the patch.
Take action: Given how many spyware tools have focused on exploiting Android it's a very wise decision to patch your phone and tablet. Unfortunately, you may need to wait until your mobile phone vendor releases the latest patch for your specific device - that's the curse of the vendor-specific android builds.
Learn More
In the latest security updates for August 2023, Google has addressed over 40 vulnerabilities within the Android operating system.
Four vulnerabilities have also been classified as 'critical' by Google:
- CVE-2023-21273, remote code execution issue affecting the System component. What makes this vulnerability particularly concerning is that it can be exploited without requiring user interaction or elevated privileges and will impact Android versions 11, 12, 12L, and 13.
- CVE-2023-21282: remote code execution flaw within the Media Framework component.
- CVE-2023-21264: kernel privilege escalation flaw.
- CVE-2022-40510: Memory corruption found in Qualcomm's closed-source components.
Additionally, approximately three dozen security vulnerabilities have been rated with a 'high severity' status. These vulnerabilities have the potential to result in privilege escalation, information disclosure, and even denial-of-service (DoS) attacks.
Threat actors, particularly commercial spyware vendors, have exploited Android vulnerabilities, including zero-days, for their malicious activities. Unfortunately, with so many different flavours of Android and each phone vendor compiling their own version, users will probably wait a while until they get an update for their phones.
