Security News > 2021 > January > Google Warns of Critical Android Remote Code Execution Bug
Google has fixed two critical bugs affecting its Android handsets.
The more serious flaws exists in the Android System component and allow remote attackers to execute arbitrary code.
The critical-severity flaws include a remote-code-execution flaw in Google's Android System component, the core of the Android operating system.
Another flaw, rated serious, is a denial-of-service issue in the Android Framework component, which is a set of APIs that allow developers to quickly and easily write apps for Android phones.
"The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process," according to Google.
The fixes come after a hefty December Android security update, where Google patched ten critical bugs, including one tied to the Android media framework component that could give attacker remote control of vulnerable handsets.
News URL
https://threatpost.com/google-warns-of-critical-android-remote-code-execution-bug/162756/
Related news
- Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk (source)
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68% (source)
- Google sees 68% drop in Android memory safety flaws over 5 years (source)
- Fake WalletConnect app on Google Play steals Android users’ crypto (source)
- Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection (source)
- Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications (source)