The risks from cyber criminals exploiting zero-day vulnerabilities have become a continuous threat for organizations, as they could lead to critical data breaches and cyberattacks. Recently, Android discovered four new critical zero-day bugs which were exploited in the wild. However, the company released fixes for the four vulnerabilities – CVE-2021-1905, CVE-2021-1906, CVE-2021-28663, and CVE-2021-28664 in its May 2021 Android Security Bulletin.
The flaws could affect Qualcomm Graphics and Arm Mali GPU Driver modules. If exploited successfully, the vulnerabilities could enable a remote hacker to execute arbitrary code to obtain a privileged process.
Security Researcher at Google’s Project Zero Maddie Stone said, “For 2021, we’ve surpassed the number of 0-days detected in the wild in all of 2020.”
For 2021, we’ve surpassed the number of 0-days detected in-the-wild in all of 2020. That’s great!https://t.co/o4F74b68Fh
— Maddie Stone (@maddiestone) May 19, 2021
What is a zero-day vulnerability?
A zero-day vulnerability is a flaw in a piece of software that is unknown to the programmer or vendor responsible for the application. Because the vulnerability isn’t known, there is no patch available. And hence, zero-day vulnerabilities pose a higher risk to users and businesses.
Google also recommended certain mitigation measures to reduce the likelihood of security vulnerabilities from becoming exploitable. These include:
- Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. All users are encouraged to update to the latest version of Android where possible.
- The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services and is especially important for users who install apps from outside of Google Play.
The latest Android security updates also included security patches for critical vulnerabilities in the System component that could allow an attacker to execute arbitrary malicious code within the context of a privileged process. Google urged all Android users to install the security updates as early as possible.
In its March 2021 Android Security Bulletin, Google addressed 37 vulnerabilities in its Android Operating System, including a critical flaw in the System component.
The State of Android Security
In a recent Google I/O session, the Director of the Android Security Strategy, Eugene Liderman, stated that in the first quarter of 2021, 95% of Android devices were given a security update that was released within 90 days.
Liderman also highlighted that the speed and frequency of Android security updates are now better than before and stated that Google Play Protect helps prevent malicious apps from being published.