Google had a busy end to 2023 and most of the heavy loading was done by the Android security team in the last month of the year. The latest security bulletin from Google points out that over 100 security issues with critical to high severity rating had affected millions of Android devices.
All in all, these vulnerabilities resulted in Google fixing 100 security issues in the Android framework and other components used in the phones. The details provided by Google talks about these security issues affecting devices that are still running on the Android 11 version.
We’ve already talked about multiple security warnings from the Indian government for Android users in the past few weeks, and the latest security bulletin from Google highlights the range of issues that affected millions of devices in the last 30 days. Google fixed the security issue with a patch in December, and it evidently fixed multiple vulnerabilities affecting Android devices.
Having said that, the highlight of issues for Google has to be CVE-2023-40088 that allows Remote Code Execution or RCE, and an attacker could leverage this to install malicious code or software on a user’s phone without consent.
Like we mentioned earlier, this vulnerability affected a wide range of Android versions, including Android 11, 12, 12L, 13, and 14. This security patch includes additional fixes that address vulnerabilities identified in components from various chip makers, such as ARM, Unisoc, Mediatek, and Qualcomm.
Interestingly, the company has not listed the security issues faced by Pixel users during this period, but we do have details on the issues that affected WearOS users in the month. Pixel users did get a plethora of new features via the Pixel December 2023 drop update that was offered over-the-air to eligible Pixel users, starting from the 4a 5G model.
Google will be hoping for a less hectic start to 2024 and also needs to rectify the issues at its end that let these vulnerabilities become a concern for the users.
Comments
0 comment