Google has corrected 41 vulnerabilities in its newest Android security update, ranging in severity from “high” to “critical.” None, on the other hand, are being actively exploited right now.
Google has issued a security alert outlining the fixes included in the most recent monthly Android security update. This month, there are a total of 41 flaws. Some were already repaired in a patch a few days ago, but their fix has now been included in this larger update.
There are three problems that are regarded critical among these flaws:
- CVE-2021-0870: Android system has a remote code execution vulnerability. Allows an attacker to run arbitrary code in the context of a privileged process from a remote location.
- CVE-2020-11264: Qualcomm’s WLAN component has an improper authentication vulnerability. A remote attacker may be able to inject arbitrary network traffic.
- CVE-2020-11301: Qualcomm’s WLAN component has an improper authentication vulnerability. It’s possible that information will be revealed to an attacker.
Arbiter code execution, remote denial of service, privilege elevation, and data privacy breaches are among the other “high” severity vulnerabilities. These issues are mostly found in Qualcomm components, and as we saw with the 33 vulnerabilities fixed in August, Qualcomm has already patched several of them.
Vulnerabilities that have not been discovered
None of these flaws is being actively exploited right now. The Android versions that are impacted vary from 8.1 to 11. The availability of this security update is contingent on the manufacturer of your smartphone and if it is still supported. If this is not the case, you can install another Android distribution to acquire the most recent updates.
If you’re not sure if your phone has been updated, look at the date of the most recent security patch in your settings. Your most recent security patch must be dated October 5 in order to fix all 41 vulnerabilities, including the three designated critical.