Google on Monday announced a series of crucial security updates for its Android operating system, addressing no less than 38 vulnerabilities, two of which are critical in severity, boosting the protection of devices against potential threats. These fixes are critical for users of Android 12, 12L, 13, and 14, reflecting Google's commitment to the security and integrity of its users' data.
Google says the two critical security issues for Android, codenamed CVE-2024-0039 and CVE-2024-23717, have been identified as having the ability to allow remote code execution and elevation of privilege, respectively . In particular, the remote code execution vulnerability is a major threat, allowing attackers to take control of devices without requiring additional privileges.
"The most serious of these issues is a critical vulnerability in the system component that could lead to remote code execution without elevated execution privileges," Google said in its official statement. To counter these deficiencies, Google introduced fixes in the first part of the March 2024 Android security update, applicable to devices at security patch level 2024-03-01.
Google Releases a CRITICAL Update for Android and Millions of People
Google confirms that this update includes fixes for a total of 13 vulnerabilities, with 11 of them having a "high" severity level that could lead to elevation of privilege, information disclosure, or denial of service. Increased attention is also paid to the second part of this month's update, marking security patch level 2024-03-05, which addresses 25 vulnerabilities in AMLogic, Arm, MediaTek and Qualcomm hardware.
Thus, Android devices running this new level of security are protected against all 38 identified issues. Additionally, Google has expanded the scope of these security patches to include Pixel, Automotive OS, Wear OS, and Pixel Watch devices, addressing more than 50 vulnerabilities for the Pixel lineup, 16 of which are considered critical.
Google has not reported active exploitation of these vulnerabilities, but the importance of these security updates cannot be underestimated because. However, the company encourages users to implement these fixes as soon as they become available, emphasizing the need for continued vigilance in protecting personal information and device integrity in the face of ever-evolving cyber threats.
