1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google fixes "critical" Android 12 security flaw

    From TechnologyDaily@1337:1/100 to All on Wed Feb 9 13:30:03 2022
    Google fixes "critical" Android 12 security flaw

    Date:
    Wed, 09 Feb 2022 13:11:16 +0000

    Description:
    Source-level change in the Android 12 wireless near-field communication code could have been bad news for users.

    FULL STORY ======================================================================

    Google has fixed a critical security flaw in Android 12 which could have allowed crooks access to the target endpoint without user interaction.

    In its February 2022 Android Security Bulletin , Google says that the flaw, tracked as CVE-2021-39675, is a critical security vulnerability in the System component that could lead to remote escalation of privilege with no
    additional execution privileges needed.

    Other than that, theres not much detail in the blog itself, however The Register spotted a source-level change in Androids wireless near-field communication (NFC) code, that forces the code to ensure a size parameter
    isnt too large. The publication also suspects Google decided to keep the
    whole thing hush-hush as its still in the middle of rolling out the patches. Additional flaws discovered

    Unlike iOS, which is a fully centralized operating system where Apple
    controls the patches, most Android makers have their own sub-brand of the OS, meaning all of them have to prepare patches for their devices separately. Given that Google develops Android, Google-made phones ( such as the Pixel 6
    ) will be among the first to receive this patch.

    Still, Google notifies its partners of newly discovered vulnerabilities a month before publicizing anything, so its safe to assume that other vendors will be close behind, at least for their flagship models.

    The announcement has also listed five other high-severity flaws found in the System component, that were patched. That includes privilege elevation bugs
    in Android 11 and 12, as well as denial-of-service flaws in Android 10 and
    11. Read more

    Android 12 features, supported devices and what to know



    Android 12L: what is it, and why does it matter?


    How to set up an Android phone: our guide to switching on your new phone

    Other than that, Google has also identified five high-severity flaws in the Android Framework component, four high-severity bugs in the Media Framework, and two MediaProvider flaws fixed through Google Play updates.

    To check for updates manually, Android users can navigate to Settings > Software Update, which is located at the very bottom of the menu. You might also want to check out our list of the best Android tablets right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/google-fixes-critical-android-12-security-flaw/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)