Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Google patches Android bug

A vulnerability affecting Nexus 5 Android devices was patched by Google yesterday as part of regularly scheduled monthly Android patch updates, according to the Threatpost blog.

The public exploit – a rooting application – was first revealed to Google by Zimperium researchers two weeks ago.

“It allows for consistent elevation of privilege, so anyone with malicious intentions with code execution already on a device and wants higher code execution, could use it to get access to the microphone or camera, or read email, anything like that,” Zimperium founder and CTO Zuk Avraham told Threatpost.

This month's bulletin fixes seven remote code execution bugs and memory corruption issues in Android components Mediaserver and libstagefright.

In total, 15 bugs rated critical by Google were addressed in eight Android components, including Mediaserver and libstagefright.

Three critical flaws in DHCPCD which could allow remote code execution in the context of the DHCP client were also updated.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.