Android Security: Google new security patch now fixes three vulnerabilities

Android Security: Google new security patch now fixes three vulnerabilities

Google has now released the May security update for Android on time. According to the Android Security Bulletin, three critically classified security gaps are closed. The update also fixes some device-specific problems.

Google sent the details of the vulnerabilities that had become known to its partners in the previous month for correction. The new security patch now fixes three vulnerabilities classified as critical, which could be used by a remote attacker to take control of the device. Most security problems affect Android versions 8.0, 8.1 and 9, but also Android 10. There are also several highly classified security gaps that have been fixed.

The security update is initially available as usual for Google Pixel and Nexus as an over-the-air update. Samsung users also report that they have already been offered the May update. Alternatively, the images are available for download.

Important changes

Google also fixes known bugs and vulnerabilities with the May patch. This includes a bug in the framework, which can lead to a local attacker injecting a specially prepared file that enables the execution of arbitrary code in the context of a privileged process. Other changes address vulnerabilities in the kernel, as well as in Qualcomm and MediaTek components

No active exploitation

According to Google, there is currently no evidence of active exploitation of the vulnerabilities. Users should still use the new updates as soon as possible.

In version 2020-05-01 there is the so-called partial security patch level string, which contains the fix for a total of around a dozen security gaps. In version 2020-05-05, the complete security patch level string, there is a long list of other security gaps, improvements and optimizations.

Only a few days ago an evaluation became known, according to which Android users now get the important security patches somewhat faster than a year ago. However, the risk remains higher than with other operating systems. As soon as the manufacturer delivers an update, users should install it promptly.

Also Read:

Comment here