Security News > 2024 > August > Google Patches New Android Kernel Vulnerability Exploited in the Wild
Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild.
That said, Clement Lecigne of Google's Threat Analysis Group has been credited with reporting the flaw, suggesting that it's likely being exploited by commercial spyware vendors to infiltrate Android devices in narrowly targeted attacks.
Also resolved by Google are 12 privilege escalation flaws, one information disclosure bug, and one denial-of-service flaw impacting the Android Framework.
Google subsequently told The Hacker News that the issue's impact goes beyond Pixel devices to include the broader Android platform and that it's working with OEM partners to apply the fixes where applicable.
Previously, the company also closed out two security flaws in the bootloader and firmware components that were weaponized by forensic companies to steal sensitive data.
The development comes as the U.S. Cybersecurity and Infrastructure Security Agency added CVE-2018-0824, a remote code execution flaw impacting Microsoft COM for Windows to its Known Exploited Vulnerabilities catalog, requiring federal agencies to apply fixes by August 26, 2024.
News URL
https://thehackernews.com/2024/08/google-patches-new-android-kernel.html
Related news
- Google fixes Android kernel zero-day exploited in attacks (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- Google OAuth Vulnerability Exposes Millions via Failed Startup Domains (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-09 | CVE-2018-0824 | Deserialization of Untrusted Data vulnerability in Microsoft products A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 8.8 |