35 Critical Flaws Addressed in Android’s March Release

By Marcos Colon

The company’s first set of fixes, patch level 2017-03-01, addresses 36 vulnerabilities for all patched phones. Of the 36 flaws, 11 are rated as “critical,” which could allow an attacker to fully compromise the device, while “15” are given a “high” severity rating, according to the latest Android Security Bulletin.

Although the SSL cryptographic bug was patched in OpenSSL in September, close to six months ago, Google has not indicated why it waited so long to address the vulnerability that received a low severity rating by OpenSSL developers.

The second patch level in this month’s release, 2017-03-05, fixes 14 “moderate” flaws, 32 high-rated bugs, and 24 Critical vulnerabilities that specifically impact drivers and components from MediaTek, Nvidia, Boardcom and Qualcomm. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.