IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google patches critical Android 12 security flaws

The vulnerability could allow hackers to escalate privileges remotely without user intervention

The Android logo displayed on a smartphone, which is being held in front of a Google sign

Google has resolved a critical security flaw in Android 12 with its February 2022 Android security update.

The vulnerability, code-named CVE-2021-39675, affected the System component and could allow hackers to gain admin privileges remotely.

Google's Android Security Bulletin also addresses a second critical vulnerability, CVE-2021-30317, which affects a closed-source component built by Qualcomm and was active on all Android devices fitted with the hardware.

Related Resource

Vulnerability and patch management

Keep known vulnerabilities out of your IT infrastructure

Whitepaper cover with dark red smoke-like graphic on black backgroundFree Download

Thus far, there have been no reports of active exploitation of either of the now-patched vulnerabilities.

Aside from CVE-2021-39675 and CVE-2021-30317 vulnerabilities, Google issued fixes for five high-severity flaws in Framework, four high-severity bugs in Media Framework, seven high-severity to critical flaws in System, two vulnerabilities of unknown severity in Media Provider, one high-severity flaw in Amlogic components, five high-severity bugs in MediaTek components, three high-severity flaws in Unisoc components, and six high to critical severity vulnerabilities in Qualcomm components.

“The severity assessment of bugs is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed,” explained Google.

However, the search giant noted that the severity of vulnerabilities affecting Amlogic, MediaTek, Unisoc, and Qualcomm components are determined by the source vendor.

Google Play system updates and security updates are available for Android devices running Android 10 and later.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022