Anyone with an Android phone in their pocket would be wise to check their settings immediately and make sure their devices have the very latest updates installed. Google has just confirmed the release of its latest system upgrade which fixes a total of 62 vulnerabilities. That’s scary enough but what makes things worse is that two of the bugs have been given the dreaded ‘zero-day’ rating.
That basically means hackers have become aware of the flaws and are actively exploiting them in the wild. This is one of the reasons Google has rushed so quickly to fix the gremlins and stop Android users from becoming victims of cyber crime.
“We were aware of these vulnerabilities and exploitation risk prior to these reports and promptly developed fixes for Android,” Google told Bleeping Computer.
It’s unclear how many people may have been targeted by the zero day attacks, but it’s vital that all Android users check their devices regularly to make sure things stay safe.
Although Google has now released its new Andorid update, not all devices will get it immediately. Pixel phones, which are made by Google, should find the patch in their settings now but devices made by Samsung, OnePlus, Xiaomi and Honor may take a little longer to be fixed as the release will need to be tested by the manufacturer and then released separately.
To check your phone, simply head to Settings > Software update > Download and install.
Speaking about the importance of the update, Adam Boynton, Senior Security Strategy Manager EMEIA at Jamf, said: “With two vulnerabilities currently being exploited by cybercriminals, it’s absolutely essential that Android users update their devices immediately.
“CVE-2024-53150 and CVE-2024-53197 are both flaws in the kernel – the core part of the OS that acts as an intermediary between hardware and software.
“CVE-2024-53150 would allow an attacker to access sensitive information without user interaction, while CVE-2024-53197 could lead to memory corruption or even privilege escalation if exploited by attackers.
“Although this is a targeted attack, we strongly recommend that all users update their Android OS. Now that these CVEs are public, more attackers are likely to target devices that have not yet been updated. Keeping all devices across every operating system up to date is one of the most effective ways to safeguard against attackers.”
At Reach and across our entities we and our partners use information collected through cookies and other identifiers from your device to improve experience on our site, analyse how it is used and to show personalised advertising. You can opt out of the sale or sharing of your data, at any time clicking the “Do Not Sell or Share my Data” button at the bottom of the webpage. Please note that your preferences are browser specific. Use of our website and any of our services represents your acceptance of the use of cookies and consent to the practices described in our Privacy Notice and Cookie Notice.
