Cybercriminals are always stalking unpatched vulnerabilities which can be exploited to penetrate targeted systems. Several popular products and services suffered cyberattacks due to unpatched vulnerabilities. In order to fix the same, Google recently released its March 2021 Android Security Bulletin to address 37 vulnerabilities in its Android Operating System, including a critical flaw in the System component.
All the flaws are rated highly severe and can allow a remote attacker to launch remote code execution, elevation of privilege, and information disclosure attacks.
The critical vulnerability “CVE-2021-0397” affects Android products of 8.1, 9, 10, and 11 versions. If exploited successfully, the flaw could allow an attacker to execute a malicious code remotely on vulnerable devices.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process,” the advisory said.
The tech giant addressed all the bugs in the latest security patch including flaws in Kernel components, Qualcomm components, and in Qualcomm closed-source components.
“The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed,” the advisory added.
Mitigations:
Google also recommended certain mitigation measures to reduce the likelihood of security vulnerabilities becoming exploitable. These include:
- Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible
- The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services and is especially important for users who install apps from outside of Google Play
Google Delists Malicious Apps
Google recently delisted a malicious app “Barcode Scanner” published by LavaBird LTD, after Malwarebytes claimed that unwanted ads were displayed on their default browser on Android devices without users’ consent. Malwarebytes stated that the app remained harmless for a long time and suddenly turned malicious after an update, which was released on December 4, 2020. Read More…
