Google Rolls Out November Nexus Security Patches for Critical Android Flaws Enabling Remote Code Execution

By

This November, Google rolls out its new roadblock for the Stagefright vulnerability on Nexus devices. The patches that have been made for critical issues both address susceptibilities that could permit remote code execution and commands on Android devices.

According to Tech Times, a hole for information revelation is being stitched up by one of the patches of the four high-severity vulnerabilities. On the other hand, the other three which come along with the moderate-severity backdoor address flaw that might allow unofficial promotion of rights.

The critical security vulnerability that might let remote code execution on an affected device through numerous methods including email, web browsing as well as MMS when processing media files is considered as the most severe of these issues.

A separate report from The Verge stated that the Android recently acquired patch fixes a total of 23 vulnerabilities which include two serious issues. The most critical of the vulnerabilities enables remote code execution over email, web browsing, and MMS. In addition, a recently discovered vulnerability in the Stagefright library recorded as high instead of critical due to the struggle of remote execution is also being fixed by this patch.

What's more, the patch contains bugs that have been reported by Google's internal security teams, Trend Micro, System Security Lab, and Keen Team. It is said that Last October 5, partners have been informed of the bugs and the patches will be distributed to the Android Open Source Project's code repository in 48 hours.

For the month of November, Google has registered one of the most severe critical security vulnerabilities that could enable remote code execution on an affected device through various methods such as email, web browsing, and MMS when processing media files, NDTV gadgets wrote.

Nevertheless, Google has noted that it didn't get any reports of active customer with regard to the exploitation of the recently conveyed issue, but it revealed that partners were advised about the issues on October 5.

© 2024 VCPOST.com All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics