Menu
Google patches remote execution flaws in Android

Google patches remote execution flaws in Android

More holes have been found in Android's multimedia playback software

Google has released 16 patches for Android, including one for a critical remote execution vulnerability in the operating system's mediaserver.

The company's Nexus devices will receive an over-the-air update. Google's partners were notified no later than Feb. 1 of the fixes, giving them more than a month to prepare.

The vulnerabilities in mediaserver could be exploited if malicious content is displayed or played on a device, such as an MMS, email, or if the browser plays some type of media, Google's advisory said.

A string of vulnerabilities has been found in media playback software since last year, most notably the Stagefright bug.

That flaw could have allowed an attacker to compromise a device just by sending a malicious MMS. A successful compromise required an attacker only to know the victim's phone number.

The severity of Stagefright prompted Google to move to a monthly patching schedule to address long-running concerns that Android was not regularly fixed. Mobile devices, particularly those running Android, are a frequent target for cyberattacks.

Samsung and LG, both major Android manufacturers, also pledged to improve the speed at which security fixes are applied.

The other patches released by Google include five critical ones, eight rated high severity and two considered moderate.

The source code for the fixes will be published on the Android Open Source Project repository within two days. Updated Nexus firmware images are here.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags patchessecurityAndroid

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
Show Comments