Security News > 2021 > August > Google Patches High-Risk Android Security Flaws
Google this week pushed out a security-themed Android update with fixes for more than 30 security flaws that expose mobile users to a range of malicious hacker attacks.
The latest Android update provides documentation on 33 security bugs, some serious enough to cause privilege escalation or information disclosure compromises.
"The most severe of these issues is a high security vulnerability in the Media Framework component that could enable a local malicious application to bypass operating system protections that isolate application data from other applications," according to a Google advisory.
The 2021-08-01 security patch level also includes fixes for three high severity elevation of privilege flaws in Framework, and a pair of elevation of privilege and three information disclosure bugs in System.
The second part of this month's security update, the 2021-08-05 security patch level, brings fixes for a total of 24 vulnerabilities affecting Kernel components, MediaTek components, Widevine DRM, Qualcomm components, and Qualcomm closed-source components.
In addition to the vulnerabilities resolved with the August 2021 Android Security Bulletin, Google also fixed three medium-severity bugs specific to Google devices.
News URL
Related news
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection (source)
- Google brings better bricking to Androids, to curtail crims (source)
- Android 15 unveils new security features to protect sensitive data (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)