Security News > 2023 > October > Android October security update fixes zero-days exploited in attacks
Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited.
CVE-2023-4211 is an actively exploited flaw impacting multiple versions of Arm Mali GPU drivers used in a broad range of Android device models.
Of the 54 fixes concerning Android 11 through 13, five are rated critical, and two concern remote code execution problems.
This update follows the standard system of releasing two patch levels: the first focuses on core Android components, while the second addresses the kernel and closed-source components.
That said, users of older Android systems are recommended to upgrade to a newer model or flash their device with a third-party Android distribution that offers security updates for their models.
Arm warns of Mali GPU flaws likely exploited in targeted attacks.
News URL
Related news
- Black Basta ransomware gang linked to Windows zero-day attacks (source)
- Google patches exploited Android zero-day on Pixel devices (source)
- Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day (source)
- Ratel RAT targets outdated Android phones in ransomware attacks (source)
- Rafel RAT targets outdated Android phones in ransomware attacks (source)
- Snowblind malware abuses Android security feature to bypass security (source)
- Juniper Networks Releases Critical Security Update for Routers (source)
- Windows MSHTML zero-day used in malware attacks for over a year (source)
- Japanese space agency spotted zero-day attacks while cleaning up raid on M365 (source)
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-01 | CVE-2023-4211 | Use After Free vulnerability in ARM products A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 5.5 |