Security News > 2023 > October > Android October security update fixes zero-days exploited in attacks
Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited.
CVE-2023-4211 is an actively exploited flaw impacting multiple versions of Arm Mali GPU drivers used in a broad range of Android device models.
Of the 54 fixes concerning Android 11 through 13, five are rated critical, and two concern remote code execution problems.
This update follows the standard system of releasing two patch levels: the first focuses on core Android components, while the second addresses the kernel and closed-source components.
That said, users of older Android systems are recommended to upgrade to a newer model or flash their device with a third-party Android distribution that offers security updates for their models.
Arm warns of Mali GPU flaws likely exploited in targeted attacks.
News URL
Related news
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)
- iOS devices face twice the phishing attacks of Android (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-01 | CVE-2023-4211 | Use After Free vulnerability in ARM products A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 5.5 |