If you own an Android device, you should make sure that the software is up to date. Otherwise, devices are vulnerable and attackers could access data without authorization or gain higher user rights. The current security patch level that can be read in the settings is 2022-10-05.

According to a warning message, Google released security patches for Android 10, 11, 12, 12L and 13 on patch day in October. In addition to Google, LG and Samsung, among others, also provide monthly security updates (see box on the right). Unfortunately, there is still no guarantee that all Android devices on the market will receive the patches.

Reddit opens up to developers and third-party apps

• TAGS
• developers
• opens
• party
• reddit
• third

Framework and system vulnerabilities

Google classifies a vulnerability in the framework as the most dangerous. It is not clear from the description which gap this is. If attacks are successful, attackers should have higher user rights. No additional execution rights should be required for an attack.

If attackers successfully target security gaps in the media framework and system, they could access information that is actually inaccessible. DoS attacks are also conceivable. Other vulnerabilities in the kernel and kernel components could serve as a springboard for attackers to escalate their privileges.

More attack points

In addition, attackers could exploit vulnerabilities in MediaTek and Qualcomm components, among others. Below that is a “critical” WLAN vulnerability (CVE-2022-25720). A memory error (out of bound) could occur at this point. Attackers can usually use this to run malicious code on devices.

As a post shows, Google’s Pixel series gets additional security updates. These include two vulnerabilities classified as critical in the kernel and trusty components.

Comparative Xiaomi 12 and 12 Pro vs Xiaomi 12S and 12S Pro: power, cameras and other changes between both generations

• TAGS
• 12s
• cameras
• comparative
• generations
• power
• pro
• xiaomi