Google fixes zero.day vulnerability in Android used in targeted attacks

Google has fixed a zero-day vulnerability rated as high severity in the Android mobile operating system, which was present in the system’s kernel and has already been used by cybercriminals to perform targeted attacks.

As part of the latest Android security updates, Google has released a patch for the CVE-2021-1048 error, which “could lead to local privilege escalation due to use after free “, as Google has recognized through its November security bulletin.

Likewise, Google has recognized that there are indications that the vulnerability, considered zero day -that is, Google had no knowledge of it-, its mobile operating system may have been used for a “targeted and limited exploitation“.

The cybersecurity company ESET has analyzed this security flaw and has ensured that “the fact that it has only been detected in targeted attacks and in small amounts should not worry (for now) most Android users“.

Google has also launched security patches that address 38 other vulnerabilities, with five of them classified as critical and allowing remote code execution. The most important of these vulnerabilities affecting the Android system component could eventually allow attackers to execute arbitrary code in the context of a privileged process using specially modified transmission.

In addition, a Android TV Remote Service component security flaw which could allow remote code execution. This would allow an attacker near the vulnerable device to connect to the TV to execute arbitrary code without the need for special permissions or user interaction.

ESET has reported that, despite the fact that Google publishes this type of security updates every month, many of the Android users will not be able to apply them until later.

Unlike the security bulletins that are released on other platforms such as Windows, where practically all users have the possibility to install security updates as soon as they are published, the Android system is very fragmented and only users of devices made by Google and some third-party models can be updated quickly.

Most users It is up to your device manufacturer to prepare these updates and release them later (usually months apart). Furthermore, only the latest devices tend to receive them, leaving millions of users with vulnerable versions of Android.

By Editor

Leave a Reply