In-depth

Google fixes 78 vulnerabilities in Android

Tech giant patches flaw that let hackers take over your phone

Google has fixed a whopping 78 vulnerabilities in its Android operating system in its latest security bulletin.

The firm's Android October Security Bulletin, which this month addresses 31 more security flaws than last month's, is spread across two different patch levels.

"These patch levels organise security flaws based on the components they affect, with the 2016-10-01 security patch level' affecting core Android services, drivers, and components that all smartphone vendors must address with high priority," Google said in the bulletin.

Advertisement - Article continues below

Meanwhile, the second 2016-10-05 security patch level' addresses issues in selected drivers and components that only some OEMs deploy with their Android versions, and smartphone vendors are required to implement only if they use those components.

The most severe of the issues patched were critical security vulnerabilities in device-specific code that could enable remote code execution, leading to "the possibility of a local permanent device compromise", Google said. Affected devices might have require reflashing the operating system to repair the device.

"We have had no reports of active customer exploitation or abuse of these newly reported issues," Google said, advising that those concerned should refer to the Android and Google service mitigations section for details on the Android security platform protections, such as SafetyNet, which improve the security of the Android platform.

Advertisement
Advertisement - Article continues below

Alongside the bulletin, Google also released a security update to Nexus devices through an over-the-air (OTA) update. Within this, Google said it has released the Nexus firmware images to the Google Developer site, and the Security Patch Levels of October 05, 2016 or later address these issues.

Supported Nexus devices will receive a single OTA update with the 5 October, 2016 security patch level, Google said.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020
Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular

Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/cloud/cloud-computing/355742/microsoft-launches-public-cloud-service-for-health-care
cloud computing

Microsoft launches public cloud service for health care

21 May 2020
Visit/software/video-conferencing/355596/house-of-commons-to-ditch-zoom
video conferencing

House of Commons to ditch Zoom in favour of British alternative

11 May 2020