Menu
Google patches remote execution flaws in Android

Google patches remote execution flaws in Android

More holes have been found in Android's multimedia playback software

Google has released 16 patches for Android, including one for a critical remote execution vulnerability in the operating system's mediaserver.

The company's Nexus devices will receive an over-the-air update. Google's partners were notified no later than Feb. 1 of the fixes, giving them more than a month to prepare.

The vulnerabilities in mediaserver could be exploited if malicious content is displayed or played on a device, such as an MMS, email, or if the browser plays some type of media, Google's advisory said.

A string of vulnerabilities has been found in media playback software since last year, most notably the Stagefright bug.

That flaw could have allowed an attacker to compromise a device just by sending a malicious MMS. A successful compromise required an attacker only to know the victim's phone number.

The severity of Stagefright prompted Google to move to a monthly patching schedule to address long-running concerns that Android was not regularly fixed. Mobile devices, particularly those running Android, are a frequent target for cyberattacks.

Samsung and LG, both major Android manufacturers, also pledged to improve the speed at which security fixes are applied.

The other patches released by Google include five critical ones, eight rated high severity and two considered moderate.

The source code for the fixes will be published on the Android Open Source Project repository within two days. Updated Nexus firmware images are here.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Androidpatches

Featured

Slideshows

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

New Zealanders kick-started EDGE 2018 with a bout of Super Rugby before a dedicated New Zealand session, in front of more than 50 partners, vendors and distributors on Hamilton Island.‚Äč

EDGE 2018: Kiwis kick back with Super Rugby before NZ session
EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018 kicked off with a dedicated New Zealand track, highlighting the key customer priorities across the local market, in association with Dell EMC. Delivered through EDGE Research - leveraging Kiwi data through Tech Research Asia - more than 50 partners, vendors and distributors combined during an interactive session to assess the changing spending patterns of the end-user and the subsequent impact to the channel.

EDGE 2018: Kiwis assess key customer priorities through NZ research
Show Comments