Security News > 2020 > April > Google Patches Critical RCE Vulnerabilities in Android's System Component
Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component.
"The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google notes in an advisory.
Patches for eight other issues were included in the 2020-04-01 security patch level, namely six vulnerabilities in the Framework component, and two in Media framework.
The second part of Google's April 2020 Android Security Bulletin will arrive on devices as 2020-04-05 security patch level, delivering patches for 43 vulnerabilities.
On Google devices, a security patch level of 2020-04-05 or later addresses all of the vulnerabilities included in the Android Security Bulletin-April 2020 and Pixel Update Bulletin-April 2020.
News URL
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection (source)
- Google brings better bricking to Androids, to curtail crims (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Akira and Fog ransomware now exploit critical Veeam RCE flaw (source)