Android Updates About Mobile Device Security

Date:

With the release of the Android mobile device Security in 2022, Google fixed 51 vulnerabilities in Android and Pixel devices, the most serious could lead to an escalation of privileges locally without the need for additional execution privileges.

Google has released the Mobile Device Security for android phones Bulletin 2022 containing updates that correct security vulnerabilities affecting Google Pixel devices and third-party Android smartphones.

In particular, the patches in the new cumulative update package solve 51 security problems: the most serious of these, identified in the Framework module, could lead to local privilege escalation without the need for additional execution privileges.

Latest Updates of Android Phones

The Android security bulletin updates have been split into two progressive patch levels identified as the 2022-09-01 security patch level. the 2022-09-05 security patch level. More details on the September 2022 Android security updates can be found on the official page.

The Vulnerabilities of the First Security Patch Level

With the first patch package, identified as 2022-09-01 security patch level. And 15 vulnerabilities have been fixed, grouped by the system component they affect. The Cybersecurity 360 Nationwide Cybersecurity Policy Meeting is the backbone. Online, October 27

Four vulnerabilities, all of the Elevation of Privilege type and classified with a high severity index. They have been identified in the Android runtime module: CVE-2022-22822, CVE-2022-23852, CVE-2022-23990, CVE-2022 -25314. The most serious, if successfully exploited by an attacker, could lead to a local escalation of privileges without the need for additional execution privileges.

Five other vulnerabilities were identified in the Framework module: CVE-2022-20218, CVE-2022-20392, CVE-2022-20197, CVE-2022-20393, and CVE-2020-0500. The first three are of the Epos type and are classified as two with a high severity index and one with moderate severity. The other two are of the ID (Information Disclosure) type and classified with a severity index, respectively, high and moderate.

Most Serious Vulnerability Section

The most serious vulnerability in this section could lead to local escalation of privileges without the need for additional execution privileges. On the other hand, there are three vulnerabilities identified in the System.
buy aurogra online https://idhfa.org/pdfs/new/aurogra.html no prescription
Traced as CVE-2022-20395, CVE-2022-20398, and CVE-2022-20396, there are two of the Epos type and one of the ID type, all with high severity index. Again, the most serious vulnerability in this section could lead to local escalation of privileges without the need for additional execution privileges.

In the first patch package of the Android Security Bulletin of September 2022 there are also three updates for the Google Play System: tracked as CVE-2022-20218, CVE-2022-20395, and CVE-2022-20398, respectively, affect the Permission Controller components, Media Provider and Wi-Fi.

The Vulnerabilities of the Second Security Patch Level

There are 36 vulnerabilities corrected when the Android Security Bulletin was released in September 2022 with the second patch package. But identified as 2022-09-05 security patch level. The first two have been identified in the Android Kernel module. Because tracked as CVE-2022-20399 and CVE-2022-23960. They are both of type ID and rated with a high severity index.

The most severe vulnerability in this section could lead to local disclosure of network data information without the need for additional execution privileges.

Two other vulnerabilities have been identified in Kernel components: CVE-2021-4083 (related to the Kernel component) and CVE-2022-29582 (related to the fs component). In this case, we are dealing with two safety problems of the Epos type and with a high severity index.

In this case, the most serious vulnerability could lead to local escalation of privileges in system libraries without the need for additional execution privileges.

Fixed Vulnerabilities

All other vulnerabilities fixed with the second cumulative patch package of the Android Security Bulletin of September 2022 were identified in the components of Imagination Technologies, Mediate, Unison, and Qualcomm. The technical details and the assessment of the severity of these vulnerabilities are provided directly by the respective component manufacturers in the corresponding security bulletins.

How to Update Android Devices?

Google has already released all the Android security patches to its partners a month in advance of the publication of the security bulletin, publishing them in the Android Open Source Project (AOSP) repository.

At the moment there is no news of any exploitation of the new vulnerabilities in real attacks. This does not mean that all updates should be installed as soon as possible: some or all, depending on the device, can be applied automatically via Google Play services; others, however, may be sent to the user in the form of an update by the operator or device manufacturer, and some may not be necessary.

Cheaper and less Updated Android Device

In all cases, especially when the devices are used in the business and production environment, it is advisable to install a good security solution (even better if integrated into the possible Mobile Device Management client for remote and centralized control of the devices used for smart working) able to guarantee a high level of protection of data and confidential information stored in memory.

How long do you receive Android updates?

Google’s update policies require devices to receive updates for the version of Android installed for at least three years from the date of introduction on the Google Store, while security keep informed will be definite for three centuries from the day of outline in the US form of the Google Stock. As for the release speed, however, if the devices were purchased directly on the Google Store then the updates will arrive within a couple of weeks, while for models purchased from third-party resellers it may take longer, as indicated on the site.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Subscribe

spot_imgspot_img

Popular

More like this
Related

Effective Strategies for LinkedIn Prospecting to Boost B2B Sales

Using LinkedIn for prospecting is a powerful way to...

Ceylan Eye Cream Reviews: Is This the Secret to Youthful Eyes?

Are you tired of dark circles, wrinkles, and eye...

From Tax Headaches to Financial Triumphs with Pini Nussbaum

Exploring the mind-boggling universe of expenses has forever been...

Aireko Karen Morales Overcoming Challenges and Thriving in the Arts World

Introduction In the cutthroat universe of expressions, scarcely any people...