Security News > 2015 > November > Security update kills several critical bugs in Android Marshmallow (Help Net Security)
2015-11-03 11:01
Google's November Android security update carries fixes for seven vulnerabilities, including two remote code execution flaws that are rated "critical" (CVE-2015-6608, CVE-2015-6609), and an elevation ...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/76WH5e4_6wA/secworld.php
Related news
- Drozer: Open-source Android security assessment framework (source)
- Vultur banking malware for Android poses as McAfee Security app (source)
- Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (source)
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- 73% of SME security pros missed or ignored critical alerts (source)
- 10 Critical Endpoint Security Tips You Should Know (source)
- DHS establishes AI Safety and Security Board to protect critical infrastructure (source)
- U.S. Government Releases New AI Security Guidelines for Critical Infrastructure (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-11-03 | CVE-2015-6608 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 19779574, 23680780, 23876444, and 23658148, a different vulnerability than CVE-2015-8072 and CVE-2015-8073. | 10.0 |
| 2015-11-03 | CVE-2015-6609 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, aka internal bug 22953624. | 10.0 |