Security News > 2020 > March > Google Patches Critical Remotely Exploitable Android Bug

Google's March 2020 security updates for Android include fixes for over 70 vulnerabilities, including a critical flaw in media framework.

The critical bug was patched as part of the 2020-03-01 security patch level, which addresses a total of 11 vulnerabilities in framework, media framework, and system.

The critical vulnerability is a remote code execution flaw tracked as CVE-2020-0032, which impacts devices running Android 8.0, 8.1, 9, and 10.

"This is a vulnerability within approximately two dozen MediaTek chipsets that are in millions of Android devices. Because this is a hardware vulnerability, it cannot be patched by Google with an over the air update to the Android operating system. If you have a device running a MediaTek chipset, you should add mobile security that detects when your device is rooted by a third party to protect from attacks using this vulnerability," Lookout's Chris Hazelton told SecurityWeek in an emailed comment.

This month, Google also published a large security bulletin for Pixel devices, which describes over 50 additional vulnerabilities that are patched on Google devices running security patch levels of 2020-03-05 or later.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/uij64t6Axxg/google-patches-critical-remotely-exploitable-android-bug