Google fixed the zero-day vulnerability in the Android security update distributed in September. A total of 33 defects, including critical vulnerabilities in the system, were fixed.
The zero-day vulnerability has been identified as CVE-2023-23674 and resides in the Android framework. allowing hackers to assume privileges without the user’s consent. According to Google, there are signs that the flaw is being exploited by criminals.
“Improvements in the latest versions of the Android platform make it more difficult to exploit many issues in Android. We encourage all of our users to update to the latest version of Android whenever possible,” Google recommends.
In addition to this leak, the September patch It also fixes three critical flaws in the system: CVE-2023-35658, CVE-2023-35673, CVE-2023-35681. The trio can pave the way for remote code execution without the user’s consent.
Another bug fixed relates to internal Qualcomm components. According to Google, this flaw (CVE-2023-28581) can be used to execute arbitrary code, read sensitive information, or trigger system failures.
Important update
Google distributes the fixes in two packages; One of these includes fixes for Kernel components that are not useful for all devices.
The responsibility for pushing the security update lies with the manufacturers. If your mobile phone is still supported, It is important for the user to pay attention to system update notifications.
Source: Tec Mundo
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.
