Google has released the first beta version of the new version of the mobile operating…
According to the official Android Security Bulletin, the most dangerous of all vulnerabilities is a bug in the Media framework.
“The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed”, — reported Android developers.
Three of the nine critical RCE bugs were discovered in the Media framework. Thus, vulnerabilities CVE-2019-2106 and CVE-2019-2107 threaten all versions of Android, ranging from 7.0 to 9.0. However, the third problem, CVE-2019-2109, does not pose a threat for 9.0 version.
The last, fourth critical bug found directly in Android, received the identifier CVE-2019-2111 and was found in the system itself. This issue is dangerous only for users of Android 9.0.
The remaining serious issues concern Qualcomm components.
“We have had no reports of active customer exploitation or abuse of these newly reported issues”, — ensure developers.
Other fixed this month issues may lead to disclosure and information leakage or privileges’ escalation.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…
View Comments