Security News > 2020 > April > Google Patches Critical RCE Vulnerabilities in Android's System Component
Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component.
"The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google notes in an advisory.
Patches for eight other issues were included in the 2020-04-01 security patch level, namely six vulnerabilities in the Framework component, and two in Media framework.
The second part of Google's April 2020 Android Security Bulletin will arrive on devices as 2020-04-05 security patch level, delivering patches for 43 vulnerabilities.
On Google devices, a security patch level of 2020-04-05 or later addresses all of the vulnerabilities included in the Android Security Bulletin-April 2020 and Pixel Update Bulletin-April 2020.
News URL
Related news
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)