Security News > 2022 > March > Android's March 2022 security updates fix three critical bugs
Google has released the March 2022 security updates for Android 10, 11, and 12, addressing three critical severity flaws, one of which affects all devices running the latest version of the mobile OS. Tracked as CVE-2021-39708, the flaw lies in the Android System component, and it's an escalation of privilege problem requiring no user interaction or additional execution privileges.
"The most severe of these issues is a critical security vulnerability in the System component that could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." - mentions Google's bulletin.
1 medium severity escalation of privilege flaw in Android runtime.
5 high severity escalation of privileges flaws in Android Framework.
2 high severity denial of service flaws in Android Framework.
If you are running anything older than Android 10, consider upgrading to a new and actively supported device or flashing your existing with a third-party Android ROM that's based on a recent AOSP version.
News URL
Related news
- The ongoing evolution of the CIS Critical Security Controls (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- Don't Overlook These 6 Critical Okta Security Configurations (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-16 | CVE-2021-39708 | Out-of-bounds Write vulnerability in Google Android 12.0 In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. | 9.8 |