Security Updates: System vulnerability lets attackers take over Android

  • Post author:
  • Post last modified:February 9, 2022
  • Reading time:3 mins read

There are important security updates for Android 10, 11, 12, and various components of the system.

Android Security Updates 2022

To prevent attackers from gaining full control of Android devices, Google released plenty of security updates on Patchday in February. Anyone who owns a supported smartphone or tablet should check the patch level to ensure that it is up-to-date.

If it says 2022-02-01 or 2022-02-05, you are on the safe side for now, and the device is up to date with the security patches. Besides Google, other manufacturers like LG and Samsung also provide monthly Android updates (see box on the right). Unfortunately, not all devices get the patches by far.

Dangerous security gaps

In a warning message, Google classifies a “critical” system vulnerability (CVE-2021-39675) as the most threatening. Remote attackers could use this to acquire higher user rights without the victims having to do anything. It is unknown at this time, how this works in detail.

Most of the remaining vulnerabilities are classified as “high” and affect Framework, Media Framework, and various components from third parties such as Unisco. In most cases, attackers could end up with higher user rights after successful attacks. They could also access information that is actually isolated or provoke DoS states. After that, the devices could crash.

Extra security updates sausage

Google Pixel series is getting extra patches this month. According to a post, an attacker could target a vulnerability (CVE-2021-39687 “high”) in the camera and leak information. Pixel devices of series 1, 2, and 3 will no longer get updates, as support has expired.

Then, in May 2022, it will be over for the 3a and 3a XL models. The Pixel 4 and Pixel 4 XL will follow in October 2022.

You can also read these articles: